Unibox Userguide 1.8

Unibox User Guide
Version 1.8
4/14/2014
Wifi-soft Solutions Private Limited
© Copyright 2014 Wifi-soft Solutions Pvt. Disclaimer
Ltd.
All rights reserved. WIFI-SOFT SOLUTIONS PRIVATE LIMITED
MAKES NO WARRANTY OF ANY KIND WITH
The information contained herein is subject REGARD TO THIS MATERIAL, INCLUDING,
to change without notice. This document BUT NOT LIMITED TO, THE IMPLIED
contains proprietary information, which is WARRANTIES OF MERCHANTABILITY AND
protected by copyright. No part of this FITNESS FOR A PARTICULAR PURPOSE.
document may be photocopied, reproduced,
or translated into another language without Wifi-soft shall not be liable for errors
the prior written consent of Wifi-soft. contained herein or for incidental or
consequential damages in connection with
Publication Date the furnishing, performance, or use of this
January 14, 2014 material.
Applicable Products The only warranties for Wifi-soft products

and services are set forth in the express
The administration guide applies to the warranty statements accompanying such
following products – products and services. Nothing herein should
be construed as constituting an additional
 UniBox U-50 warranty. Wifi-soft shall not be liable for
 UniBox U-100 technical or editorial errors or omissions
 UniBox U-200 contained herein.
 UniBox U-500
 UniBox U-1000 Wifi-soft assumes no responsibility for the
use or reliability of its software on
equipment that is not furnished by Wifi-soft.
About Unibox User Guide
Table of Contents
Unibox Overview ..................................................................................................................................... 9

Primary functions .............................................................................................................................. 10
Important Concepts .............................................................................................................................. 13
UniBox Models .................................................................................................................................. 17
Installation ............................................................................................................................................ 19
Standalone Unit ................................................................................................................................ 19
UniBox U-50 and U-100 ................................................................................................................ 19
UniBox U-200 ................................................................................................................................ 19
UniBox U-500 and U-1000 ................................................................................................................ 20
Network Deployment........................................................................................................................ 20
Feature Summary.................................................................................................................................. 22
Networking........................................................................................................................................ 22
Authentication .................................................................................................................................. 22
BYOD (Bring Your Own Device) ......................................................................................................... 22
Bandwidth Management .................................................................................................................. 23
Policies .............................................................................................................................................. 23
Captive Portal.................................................................................................................................... 23
Billing................................................................................................................................................. 23
Reporting .......................................................................................................................................... 23
Subscriber Management ................................................................................................................... 24
Monitoring ........................................................................................................................................ 24
Administration .................................................................................................................................. 24
Interfaces .......................................................................................................................................... 24
Technical Overview ............................................................................................................................... 24
Architecture ...................................................................................................................................... 24
Menu Summary..................................................................................................................................... 26
Network ................................................................................................................................................ 26
Authentication ...................................................................................................................................... 26
Control .................................................................................................................................................. 26
Billing..................................................................................................................................................... 26
Reports .................................................................................................................................................. 26
Tools ...................................................................................................................................................... 27
Admin .................................................................................................................................................... 27
Getting Started...................................................................................................................................... 28
Dashboard ............................................................................................................................................. 29
Network Management .......................................................................................................................... 31
Port Status..................................................................................................................................... 31
WAN Port ...................................................................................................................................... 32
LAN Port ........................................................................................................................................ 33
Bridge Port .................................................................................................................................... 34
Wireless Port (Selected Models Only) .......................................................................................... 34
3G (Selected Models) .................................................................................................................... 36
Service Port ................................................................................................................................... 37
Server Port .................................................................................................................................... 37
DHCP ................................................................................................................................................. 38
DNS.................................................................................................................................................... 40
IP Routes ........................................................................................................................................... 41
NAT.................................................................................................................................................... 44
Device Monitoring ............................................................................................................................ 46
SNMP................................................................................................................................................. 50
Dynamic DNS..................................................................................................................................... 53
Server Pool ........................................................................................................................................ 55
Authentication ...................................................................................................................................... 57
Profiles .......................................................................................................................................... 57
Users ............................................................................................................................................. 61
List BYOD Devices.......................................................................................................................... 63
Expire / Suspend User ................................................................................................................... 70
Un-Expire / Unsuspend User ......................................................................................................... 71
BYOD Devices ................................................................................................................................ 73
Groups ............................................................................................................................................... 75
Pass-through URL .............................................................................................................................. 78
Portals ............................................................................................................................................... 79
Control .................................................................................................................................................. 89
Policies .......................................................................................................................................... 89
Date & Time Policy ........................................................................................................................ 90
Relogin Policy ................................................................................................................................ 92
Variable Bandwidth....................................................................................................................... 94
Load Balancing Policy .................................................................................................................... 96
Fair Usage Policy ........................................................................................................................... 98
Bandwidth Control ...................................................................................................................... 100
Content Filtering (Selected Models) ............................................................................................... 104
Traffic Analysis (Selected Models) .................................................................................................. 107
Billing................................................................................................................................................... 112
Billing Configuration........................................................................................................................ 112
Payment Gateway Configuration .................................................................................................... 113
SMS Gateway Configuration ........................................................................................................... 115
Plans ............................................................................................................................................ 116
Fixed Time Plan ........................................................................................................................... 117
Time Usage Plan .......................................................................................................................... 117
Bandwidth Usage Plan ................................................................................................................ 117
List Plans.......................................................................................................................................... 117
New Plans........................................................................................................................................ 118
Prepaid ........................................................................................................................................ 122
List Prepaid Batch............................................................................................................................ 122
New Prepaid Batch.......................................................................................................................... 123
Customize Prepaid Design .............................................................................................................. 128
Transactions ................................................................................................................................ 137
Email Templates .......................................................................................................................... 138
List Email Tempates ........................................................................................................................ 138
New Email Templates ..................................................................................................................... 139
Reporting ............................................................................................................................................ 141
Online Users .................................................................................................................................... 141
Usage............................................................................................................................................... 142
Usage Summary .............................................................................................................................. 142
Usage Graphs .................................................................................................................................. 152
Billing Reports ................................................................................................................................. 154
Revenue Reports ......................................................................................................................... 154
Revenue by Plan .......................................................................................................................... 160
Prepaid Usage Report ................................................................................................................. 163
Signup Summary ......................................................................................................................... 169
System Reports ............................................................................................................................... 171
DHCP Leases ................................................................................................................................ 172
Port Connections......................................................................................................................... 172
ARP Report .................................................................................................................................. 173
System Usage .............................................................................................................................. 174
System Information ........................................................................................................................ 175
Monitoring ...................................................................................................................................... 176
User Agent ...................................................................................................................................... 176
Tools .................................................................................................................................................... 178
Diagnostic Tools .......................................................................................................................... 178
List Diagnostic Tools .................................................................................................................... 178
Ping.............................................................................................................................................. 178
Trace Route ................................................................................................................................. 179
IPScan .......................................................................................................................................... 180
Network Trace............................................................................................................................. 181
Force Authentication .................................................................................................................. 185
Caching / Proxy ........................................................................................................................... 186
Caching / Proxy ........................................................................................................................... 187
Flush Cache ................................................................................................................................. 187
Remote SysLogs .......................................................................................................................... 188
Remote System Logs ................................................................................................................... 188
New Remote Server .................................................................................................................... 188
Delete Remote Server ................................................................................................................. 189
User Activity Logs ........................................................................................................................ 190
List Activity Logs .......................................................................................................................... 190
Activity Logs Summary ................................................................................................................ 191
Top Sites ...................................................................................................................................... 191
Site and Users ............................................................................................................................. 192
Download Hits ............................................................................................................................. 193
Download Activity Logs ............................................................................................................... 195
Event Logs ................................................................................................................................... 195
Event Logs ................................................................................................................................... 195
Save Logs ..................................................................................................................................... 197
Admin .................................................................................................................................................. 198
Account ....................................................................................................................................... 198
List Accounts ............................................................................................................................... 198
New Accounts ............................................................................................................................. 198
Profile .......................................................................................................................................... 204
Configuration .............................................................................................................................. 206
List Configuration ........................................................................................................................ 206
Create Configuration ................................................................................................................... 207
Upload Configuration .................................................................................................................. 208
Time ............................................................................................................................................ 209
Time Zone.................................................................................................................................... 209
Date and Time ............................................................................................................................. 209
NTP Server................................................................................................................................... 210
Reset ........................................................................................................................................... 210
Reboot ......................................................................................................................................... 211
Power Off .................................................................................................................................... 211
Access Log ................................................................................................................................... 212
Access Log ................................................................................................................................... 212
Change Log .................................................................................................................................. 213
Troubleshooting .................................................................................................................................. 215
Appendix ............................................................................................................................................. 216
External Login Page ......................................................................................................................... 216
External Registration Page .............................................................................................................. 216
Setting up Remote Syslog Server .................................................................................................... 217
Configuring Unibox for Wifilan ....................................................................................................... 217
URL Logging ..................................................................................................................................... 217
VSA - Vendor Specific (RADIUS) Attributes ..................................................................................... 218
Unibox Overview
UniBox is an access controller or a gateway that helps network administrators secure and
control access to wired or wireless networks by guest, students, business laptops and
computers as well as employees Personal devices or BYODs, in variety of business,
hospitality, places of worship, local government offices, shopping malls, restaurants, pizza
and coffee shops, healthcare clinics and offices, car dealerships, RV Parks and education
sector scenarios by enforcing bandwidth restrictions, content filtering, Web-URL filtering,
track user activity, perform billing functions and generate various types of reports.
UniBox can be used for managing public wireless (or wired) networks at Wi-Fi hotspots/
hotzones, campus and public-access networks. It can be used by private enterprises for
controlling access to their private networks, isolating and authenticating guest traffic via a
splash page , enforce time and usage policies and to allow secure and limited access to
BYODs by employing self-registering / requesting for IT approval of their BYOD devices and.
UniBox is an all-in-one gateway controller i.e. it functions both as a firewall and an access
controller as well as an authentication and billing server. It implements a captive portal that
restricts unauthenticated users from getting access to the network resources e.g. Internet.
In addition, it also provides an on-board authentication and billing server to verify the user’s
credentials and charge the user for using the network.
UniBox can be also deployed with a central authentication and billing (OSS/BSS) server. In
this case, UniBox will function in controller-only mode and will use the services offered by
the central server. If the hotspot / hospitality operator wants to manage multiple hotspots
centrally then UniBox is deployed in the controller mode. It works seamlessly with Wifi-
soft’s cloud-based management platform – WiFiLAN.
UniBox comes in different models based on the number of concurrent users it can support.
UniBox can be deployed to work with wide range of industry standard wireless access points
like Cisco, HP, Juniper to name a few and can easily be overlaid in any existing wired or
wireless network in a small to large sized networks. The software stack is installed on
standard x86 hardware running Linux variant. This makes UniBox very versatile and is
capable of scaling to support thousands of users on the network.
Primary functions
UniBox is primarily deployed as a hotspot gateway to manage public Wi-Fi hotspots or

hotzones. But it is increasing used in Small Medium Business and Education sector to
enforce Guest and BYOD functions. UniBox accordingly perform the following functions –
1. Network Configuration
Unibox provides you the ability to interface and monitor your network by providing various
network configuration and monitoring options. UniBox is deployed as a gateway so it sits
between the private LAN and public WAN / Internet network. UniBox comes with 2 or more
Ethernet ports. One port works as WAN port and is connected to the broadband or leased
line circuit. It supports various configuration options like PPPoE, Dynamic and Static IP. It is
possible to configure the 3G cellular port (via USB dongle) to function as WAN port in rural
areas / construction sites where Internet service is not available yet.
The other ports are bridged together to form the LAN port. The LAN port(s) are connected
to the private network (wired or wireless). UniBox controls access of the clients connected
to the LAN port.
Other than port configuration, UniBox provides features like DHCP server and DNS that
allows administrator to configure IP addressing and to choose specific domain name servers.
Built-in monitoring module, allows to you to monitor all the network elements like wireless
access points, IP cameras, POS terminals, etc in the network. The NAT feature provides
network address translation and port forwarding thus enabling access to the internet by the
guests and BYODs as well as secure access to internal devices from the Internet. Unibox also
provides SNMP agents and SNMP traps to interface with third-party NMS systems. Finally
the DDNS feature allows administrators to use DDNS services like anyDNS, no-ip etc that
allows access to UniBox deployed on a dynamic IP.
2. Captive Portals
Captive Portals are displayed to the hotspot and BYOD users when unauthenticated users
try to connect to a Wi-Fi hotspot. The Captive Portal is displayed as a result of redirection of
the client on the network. It provides an interface for the user to provide login information
and pass this information to the Authentication Server for validation. Unibox provides
predefined templates for designing captive portals using the click-and-customize method.
Alternatively, administrator can also design the captive portal separately and host it on an
external web server. UniBox provides customization of logo, branding, images, text and
layout of the captive portals to suit specific branding requirements.
Captive Portals also provide an option for user provisioning (online registration) by
requesting the users to create their accounts using a payment option like credit card or
PayPal. UniBox manages the complete end-to-end workflow of the user provisioning
process.
3. BYOD Registration and Authorization
Many businesses, especially for non-manufacturing workforce, are witnessing an explosive

demand by the employees to use their own personal devices, like smart phones, tablets and
ultrabooks / laptops to check their emails, access to intranet portals like sharepoint and to
have access to a limited number of web applications servers, while 95% use of these
personal devices is for Internet access. It is an IT nightmare and most of the time, under
pressure from supervisors and higher levels, IT departments are simply allowing these users
/ personal devices to access the Internet thru company network by having them use the
company private wireless networks, though most of these users are not at all malicious,
nonetheless, the security posture of the devices and the websites / content some of them
accessing thru the company network, has potential for security breaches / work / virus
infection to company business servers and other business computers. Unibox allows self-
registration of such devices wherein the user of such personal device will request for access
from IT department by filling up a short browser based form splashed through the Unibox,
as user tries to go to Internet, and then submits the same over to the IT department, which
then approves or otherwise the access and then notify the user via their company email to
be of granted access to the limited BYOD network. This process not only allows approved
devices on the network, it also allows to take away the access if a device is lost / stolen or if
an employee leaves the company and at the same time allows companies to enforce
policies, bandwidth caps, content filtering etc.
4. User Authentication and Tracking
Once the user, say an education/residence environment, is provisioned in UniBox, s/he can
use the captive portal to gain access to the network. This involves AAA (Authentication,
Authorization and Accounting) services from the RADIUS server. This service is responsible
for validating user’s credentials and providing access to the Internet and any limited internal
web / application servers if so allowed. It also performs accounting function by collecting
the CDR/session records for each user. UniBox running in local authentication mode run an
internal AAA server that is responsible for all the AAA services on the network.
5. Billing
UniBox comes with a comprehensive billing module that allows administrators to configure
different billing plans, create access codes, perform credit card clearing, interface with
PayPal and generate revenue reports. Most US credit card payment gateways are
supported, and Canadian gateways can be helped with, if there is sufficient demand.
6. Bandwidth control
UniBox comes with many bandwidth control tools that allow administrators to effectively
manage bandwidth among the users. It provides options to enforce group-level or per-user
level bandwidth control rules to ensure optimal use of the network bandwidth.
7. Policy Management
UniBox provides wide range of policies to restrict usage, enforce fair usage and identify
misuse of the network. These policies can be applied to group of users and tracked by the
administrator on a regular basis.
8. Traffic Management & QoS
UniBox offers various tools to effectively manage and control the data usage on the network
in addition to maintaining QoS. Traffic management can be done at different levels like
group of users, per user, per application or port or a subnet of IP addresses. UniBox provides
different policies to enforce fair usage on the network or penalize users who are misusing
the network traffic.
9. Reporting and Analytics
Extensive reporting capabilities allow administrators to keep watch on all the activity on the
network. UniBox also analyses the data collected from the users and display analytics like
usage trends, OS/Devices used, top users, etc.
Important Concepts
1. RADIUS (AAA)
RADIUS stands for Remote Authentication Dial-In User Service. The protocol is
defined by IETF (Internet Engineering Task Force) and is described in detail in RFC
2865 and RFC 2866.
2. Captive Portal
Captive Portal (AKA – login or landing page) is the page that enforces authentication
on the network managed by UniBox. The Captive Portal can be either hosted inside
the UniBox or can be hosted on an external web server.
3. Bandwidth Control
Bandwidth control mechanisms are required to control the bandwidth for each user
on the network. UniBox offers various bandwidth control functions to help the
administrators regulate the bandwidth usage and punish the users who hog the
bandwidth.
4. User Provisioning and Management

UniBox provides completely automated mechanism for provisioning users on the
public networks like Wi-Fi hotspots. Unauthenticated users are presented a
registration page to create an account online. The registration page may offer billing
plans for paid hotspots or UniBox also allows administrators to add user’s account
directly in the system.
User accounts created are generally associated to a particular groups, policies or

plans. Users Internet usage can be restricted based on the plan or groups they
belong. Unibox allows you to configure various restrictions for each user like Session
timeout, Concurrency Limit, Idle Timeout, Upload/Download Rate, Daily
Upload/Download Quota, Sessions per day and Usage Quota.
Unibox does comprehensive accounting of each user which provides you with details
like Start time and End time of Sessions, Duration, MAC Addresses,
Upload/Download Data Size per session and the session termination reason. It also
maintains Agent and Authentication history which provides you information about
user’s browser, OS, IP/MAC addresses, login timing, bandwidth usage and more.
Administrator also has a privilege to expire, suspend or activate users or even
disconnect the user from the network. Finally the user’s activity and authentication
history can be exported to a PDF or Excel file to analyze it further.
5. Billing
For a paid network like Wi-Fi hotspot, it is necessary to provide online payment
option to the end-users. The billing system allows administrators to charge credit
cards, interface with PayPal, define billing plans, view transactions and configure the
payment gateway details. Before enabling billing, administrator needs add the
payment gateway settings in UniBox. When the user registers for a new account,
UniBox passes the credit card details to the payment gateway for processing. If the
card is charged successfully, the user’s account is created in subscriber table and
user is given access based on the billing plans he selects.
Similarly, administrator can create different types of prepaid (access) codes or PINs
which can be exported or printed in a business card sized format for distribution. The
end user can enter the prepaid code on the portal page and gain access to the
network (Internet) for the allotted time or bandwidth.
6. SMS Based Login

SMS based login employs two-factor authentication process (also known as OTP –
one time password) to validate the user with his mobile number. With the rise in
cyber crimes, many countries require that hotspots operators validate the user’s
mobile number at a public WiFi hotspot. SMS based login helps these operators to
comply with this requirement. Additionally, this process also allows the operator to
collect mobile/cell phone numbers for marketing and promotional activities.
How does it work?

When the customer visit your WiFi Hotspot, he will see a login page (Captive Portal)
requesting them to enter his mobile (cell) number. Customer enters the mobile
number along with the other optional details like personal information, email,
preferences, etc. On receiving the information, UniBox sends a SMS with a login code
(randomly generated) to the registered Mobile Number. Customer needs to enter
the code on the login page to gain access to the Internet. UniBox provides different
variants to this process to allow operators to implement different business models
on the network.
UniBox also implements Reverse-SMS authentication process in which the hotspot

operator doesn’t need to send SMS to the end user. Instead the user needs to send
SMS to a predefined number to validate his/her Mobile Number. Once UniBox
receives the SMS, it allows the user to login.
7. Social Media Integration

Social media is a network of all people who get together as a society over the
Internet and connect with each other for sharing information, knowledge, news,
events etc. We have number of popular social networking websites like Facebook,
Twitter, Google and LinkedIn.
There is a rising trend to capture social media information for the users who access
Wi-Fi at public hotspots. Most of the social media websites provide rich API to
retrieve user’s profile that is extremely valuable to companies for profiling users,
understanding user trends and building marketing strategies. For end-user’s
perspective, the users don’t need to remember username and password for each
hotspot. Instead they can just use their Facebook ID to gain access to the hotspot.
UniBox provides different options to validate user’s credentials using their social
media profile. It also seamless collects the user’s public information to generate
analytics and trends.
8. Activity Logging (URL Tracking)

Activity logging means tracking the user browsing activity and logging the URLs the
user visits while using UniBox managed network. This is an optional feature and can
be activated on need basis. When activated, UniBox starts keeping track of the
Internet activity for the user and logs the activity in a database. Administrators can
generate various reports or use the search tool to find URLs visited by a user on the
network. Additionally administrator can log and archive the information centrally by
streaming the information to a remote server. This may be required for regulatory
compliance.
9. Network Monitoring and Alerts

Monitoring allows administrators to check the health of all the network elements
like access points, switches, cameras, printers, etc inside the network. It monitors
each element periodically to ensure that the connectivity is intact. If an outage is
detected, an alert is generated and sent to the right person so a repair work can be
carried out before the end users get affected.
10. SMS Advertisement

Many hotspot operators are trying to monetize their hotspot investments especially
those operating free hotspots. Moreover many venues like shopping malls, retail
outlets, stores, airports are looking for avenues to provide targeted advertisement to
their customers. UniBox SMS advertisement feature works in conjunction with SMS-
based login to provide proximity advertisement to the users of a hotspot.
How does SMS advertisement work?

SMS advertisement works along with SMS-based login (two factor authentication). It
also needs integration with local SMS gateway or SMS aggregator.
UniBox captures user’s mobile/cell number when he registers using two-factor
authentication. Operator can upload predefined advertisement, promotions, offers
as text messages in UniBox. When UniBox detects that the user is at the hotspot, it
will send 2 or 3 advertisements to the user’s registered mobile number.
11. VLAN Description
Unibox works in Layer 2 mode by acting as a promiscuous gateway, wherein a single

or multiple wireless and wired VLANs can all be placed into a single subnet with
Unibox acting as gateway on that common subnet.
The use of multiple VLANs allows users across these VLANs to remain totally isolated,
while having access only to the Internet via Unibox gateway.
This type of working requires use of Managed (L2 and / or L3) switches with wired
users (untagged members of one or more VLANs) and wireless users (the Wireless
APs addressing can either be in the same subnet / VLAN as the users connecting
through it, or APs can be on a management VLAN with users egressing thru a VLAN,
such that POE switch port connecting to the AP is a 802.1Q trunk port with AP
management VLAN as untagged and users VLAN tagged on it, and then multiple APs
can be all set to egress their respective users to different VLANs, and at the same
time APs themselves can be on same management VLAN. This way an apartment
complex or MTU / MDU set up can offer each tenant have their own SSID / WLAN
through their AP, but they all ultimately share the same address space / subnet (and
still isolated) and Unibox LAN / Bridge address is gateway for that subnet.
The Unibox is connected to the switch port with all users VLANs tagged to it (and
VLAN support enabled on the Unibox). In the case of a separate management VLAN
for the APs, don't include that VLAN as tagged or untagged on the switch port
connecting to the Unibox.
If multiple switches are involved, make sure to have uplinks between switches carry
all the VLANs for wired and wireless users, by tagging them on the uplink ports,
while AP management VLAN can be untagged member on these ports.
Also note that no IP address should be assigned on any switch for these user VLANs
and the DHCP server set up on the Unibox will provide the IP address to all the
wireless and wired VLANs that you need to allow internet only service controlled by
Unibox.
UniBox Models
UniBox is sold in five variants –
1. U-50: This model is ideal for small networks and supports 50 concurrent users. It
comes with 3 Gigabit Ethernet ports and fanless design. For more details on this
model refer to the table below.
2. U-100: This model is ideal for small to medium sized networks that support 100
concurrent users. The hardware is similar to U50 and also comes with fanless design.
3. U-200: This model is ideal for medium sized networks and is capable for support up
to 200 concurrent users. It comes with 4 Gigabit Ethernet ports and fanless design.
For more details on this model refer to the table below.
4. U-500: This model is designed for high-traffic, large networks and is capable of
handling up to 500 concurrent users. The model comes in 1-U form factor. For more
details on this model refer to the table below.
5. U-1000: This model is designed to handle very high-traffic, large networks. It is
capable of supporting 1000 concurrent users. It also comes in 1-U form factor.
In addition, you can also order custom model for networks that have more than 1000
concurrent users or where there is a need for a redundant power supply and redundant LAN
side connections for hook p to a stack of enterprise switches or two core enterprise
switches, for better resiliency. For large scale and critical operations, it is recommended to
deploy a pair of controllers in active / passive mode. The configuration from the active can
be backed up along with the user database to the passive unit (not suitable for hospitality
operations, because of dynamic nature of guest accounts, but a spare unit with
configuration restored and user accounts recreated or in case of external radius server
hosting such accounts will work. Table on the next page shows the complete list of Features,
hardware Specifications and Software Specification for each model.
Installation
This section explains how to install UniBox in your network. UniBox needs to be deployed as a
network gateway so it is installed between the LAN and WAN network. UniBox is always shipped
with two or more Ethernet ports. The photos below display the various components of two UniBox
variants – standalone unit and 1U server unit.
Standalone Unit
UniBox U-50 and U-100
UniBox U-50 and U-100 standalone unit comes with three Gigabit Ethernet ports, serial port, two
USB ports and a power jack. The photo shows the various connectors available to the user. The LAN
port needs to be connected to your private network that UniBox will manage. The WAN port needs
to be plugged into your Internet (WAN) connection.
UniBox U-200
UniBox U-200 standalone unit comes with 4 Ethernet ports, 2 USB ports, serial port and power jack.
The photo shows the various connectors available on UniBox U-200. The three LAN ports are bridged
together so you can connect any of the LAN ports to your private Wi-Fi network. Alternatively, you
can connect three distinct networks into UniBox. The WAN port needs to be connected to the
Internet connection via modem or a router.
UniBox U-500 and U-1000
UniBox U-500 and U-1000 model comes with a 1U form factor and is generally installed on a server
rack. The unit comes with 8 Gigabit Ethernet ports. The WAN port is connected to the Internet and 7
additional ports are available for connecting to the private network.
Network Deployment
The diagram below shows a simple deployment scenario for UniBox. It is generally deployed
as a hotspot gateway/controller within a wired or wireless network. In case of a wireless
network, several access points are deployed across the venue to provide adequate signal
coverage to the users. These access points are connected centrally into a switch either using
CAT-6 cables or wirelessly. The LAN port of UniBox is plugged into the switch. The access
points are usually configured in bridge mode thus allowing the clients to directly
communicate with the UniBox. UniBox is responsible for assigning IP addresses on the
network. It also functions as gateway for all the clients on the network.
The WAN port of UniBox is connected to the WAN circuit. Administrators can place a
firewall in between UniBox and the Internet if desired. Otherwise the WAN port directly
connects to the modem. The WAN settings are programmed in UniBox.
When authentication is enabled, each user needs to provide the correct login credentials in
order to access the Internet. UniBox also performs many other functions like bandwidth
control, activity tracking, caching, content filtering, policy management, etc. In short,
UniBox provides administrator with complete control on the network.
We will go through various scenarios in which Unibox can be deployed. Lets start with
Simple Unibox Deployment Scenarios (UDS1).
UDS1: Unibox Deployment Scenarios 1 – Simple Deployment
Description: An Internet connection to Unibox (WAN Port) via Firewall and then spreads out
internally through different Access Points (AP’s) connected to Switch which is further
connected to Unibox (LAN Port). End User connects to the various Access Points and goes
through the Unibox before they browse the Internet. Diagram below shows detailed
deployment of Unibox.
Feature Summary
Networking
This section allows administrators to configure the network settings of UniBox. These
settings are needed to configure the WAN, LAN and wireless LAN ports of UniBox
and other network related parameter. Following items can be configured –
1. Port settings – Configure IP settings for WAN, LAN and wireless LAN ports. If 3G is
supported, administrators can configure the 3G settings
2. DNS server – configure the primary and secondary DNS servers
3. DHCP server – UniBox runs a DHCP server that issues IP addresses to the clients
connected on LAN ports.
4. IP Routes – configure the default and additional IP routes for the Internet traffic
5. NAT – configure network address translation rules to allow port forwarding
functions
6. Device Monitoring – configure network devices like access points, switches,
router, etc for monitoring and view the monitoring results
7. SNMP – configure the SNMP agent and traps
8. Dynamic DNS – Configure Dynamic DNS in case Unibox WAN port IP Address is
dynamic and changes frequently. Dynamic DNS helps you to resolve Unibox
Hostname even if your WAN IP address is changing frequently.
Authentication
UniBox provides a redirect function whereby the network user is redirected to a

captive portal before getting access to network resource like Internet. UniBox also
provides a local authentication mechanism to authenticate the users via the RADIUS
server. In addition, the administrator can also configure UniBox to authenticate users
via an external RADIUS server.
BYOD (Bring Your Own Device)
With increase in the number of mobile devices like tablets and smartphones, lot of
enterprises are facing the challenge of managing the personal devices on the
corporate or private networks. UniBox provides various BYOD features that allow the
administrator to easily provision, track and manage personal devices on the
network. UniBox implements an approval based provisioning process that gives
complete control to the administrators to add/provision new BYOD devices.
Bandwidth Management
Bandwidth management is increasingly an important function for public access

networks – wired or wireless. With the explosive growth of online video and rich-
media applications, there is increasing demand for bandwidth and allocating fair
bandwidth among users has become extremely important.
UniBox provides several bandwidth control mechanism and policies to regulate the
bandwidth for each user. This allows administrators to implement fair usage policy
among the users and not allow anyone to hog the bandwidth.
Policies
UniBox implements various policies to control access and bandwidth of the online
users. Administrators can categorize users into various groups and apply the policies
on a group basis. The policies help the administrator implement fair usage, penalize
users or limit bandwidth for each user.
Captive Portal
Captive portal is the first page the users see when she connects to the network. The
captive portal is used to identify the user before the user gets access to the network
resource like Internet. The captive portal can be either hosted on UniBox or it can be
loaded from an external web server. UniBox provides a simple, template-based
captive portal design that the administrators can easily customize with the company
branding.
The external captive portal provides administrators much more flexibility and control
on the design and layout of the web page.
Billing
Billing is an important function for Wi-Fi hotspots. UniBox provides a billing engine
that gets seamlessly integrated with the captive portals. Billing can be done either
using access (prepaid) codes or using credit card or PayPal. Administrators can define
various billing plans in the system and offer the billing plans to the guest on the
captive portal. Alternatively she can also generate batch of access codes and
distribute them to the end users. Billing section also generates various reports to
track the monthly revenues from the hotspot.
Reporting
Reporting is an important function of UniBox since administrator can retrieve various
reports on usage, revenue and health of the network. The usage reports are used to
check the bandwidth usage, online time and other details of the users. The billing
reports provide information about the revenue generated from the users. The
reports can be downloaded in Excel or PDF format for archiving or further
processing.
Subscriber Management
If administrator configures UniBox to use on-board RADIUS server for user

authentication then the user database is stored locally in UniBox database. UniBox
provides comprehensive interface to manage the user information.
Monitoring
UniBox can be used to monitor the health of the wired or wireless network. It
provide a monitoring service that can be used to check whether the network devices
like switches, access points, routers, firewalls, etc are online and the connectivity is
intact. UniBox can send alerts to the administrators in case there is an outage to
avoid lengthy downtime for the network users.
Administration
UniBox provides multiple administration account and each one can be configured
with custom access control rules. This ensures that the administrator can provide
adequate access to UniBox data based on the user privileges
Interfaces
Depending on the model, UniBox provides multiple Ethernet ports. Each UniBox has
at least two Ethernet interfaces – LAN and WAN. In addition, the U-150 model
provides on-board wireless interface to configure UniBox as an access point. The
same model also provides 3G interface to provide Internet connectivity over 2G/3G
connection.
Technical Overview
Architecture
UniBox is built on robust and scalable software architecture to ensure a reliable, round-the-clock
performance. UniBox firmware runs on the latest Linux kernel and is compatible with any x86
hardware platform. This provides UniBox a lot of options for deployment. Technically, it is possible
deploy UniBox firmware on a custom designed x86 server to support more than 1000 users.
The software architecture for UniBox is as shown –
The end user and administrator interacts with the top-most layer, which is primarily the user
interface needed to access the internal services. The end user interacts with captive portal while the
administrator interacts using the admin portal. The captive portal is used for authentication of user’s
credentials and also for registering/provisioning new users in the system.
The next layer is the module layer which is responsible for providing multiple services like
authentication, billing, captive portal, bandwidth control and policy management. These services run
on top of service layer which provides the basic framework for running various services.
Finally the complete UniBox framework is based on linux kernel which provides wide range of basic
services needed for running the network controller.
Menu Summary
UniBox offers the following menu options to the administrators. Some models may not have
the menu options. Please refer to your admin console to check the menu options available
for your model.
Network
 Ports
 DHCP
 DNS
 IP Route
 NAT
 Monitoring
 SNMP
 Dynamic DNS
 Server Pool
Authentication
 Profile
 Users
 Groups
 Passthrough URLs
 Portal
 SMS
Control
 Policy
 Bandwidth
 Content Filter
 Traffic Analysis
Billing
 Admin
 Plans
 Prepaid
 Transactions
 Email Templates
Reports
 Online Users
 Usage
 Billing
 System
 Monitoring
 User Agent
 SMS Report
Tools
 Diagnostics Tools
 Proxy/Caching
 Remote Syslogs
 User Activity Logs
 Event Logs
Admin
 Account
 Profile
 Configuration
 Time
 Reset
 Reboot
 Power Off
 Access Log
Getting Started
Before you deploy UniBox, you need to setup your wireless or wired network and need to provision
your Internet connection from the local Internet service provider. UniBox functions as a gateway on
your network so it is deployed between the WAN and LAN portion of your network. You may also
deploy UniBox in the DMZ along with the firewall.
In case of a wireless network, the LAN portion connects to a switch or an access point. The switch
aggregates the traffic from various wireless access points and feeds it into UniBox. UniBox runs a
DHCP server to lease IP addresses to all the clients on the LAN.
The WAN port is usually connected to the modem or router provided by the ISP. In case the network
has a hardware firewall, UniBox is generally deployed after the firewall.
The diagram below shows the rear view of UniBox.
The WAN port is the Ethernet port on the right side while the LAN port is the one on the left. To
start with installation and configuration of Unibox for the very first time, you need to connect to
either WAN or LAN port of Unibox to access Unibox User Interface. It is recommended to connect to
LAN port so that you can configure your WAN connection first and then look into your internal
network later. Follow the following steps to get started with Unibox Configuration:
1. Configure NIC of your Laptop or desktop to have following network configuration (Unibox
LAN port by default has 10.10.10.1 IP address):
a. IP Address: 10.10.10.2
b. Subnet Mask: 255.255.255.0
c. Gateway: 10.10.10.1
2. Connect your Laptop with the network interface you just configured by using standard
Ethernet CAT 5 cable (Patch Cord) to the LAN port of Unibox (Refer to screenshot above to
know Unibox LAN port)
3. Open your browser (I.E., chrome etc.) and browse the URL http://10.10.10.1
4. Once you load the Unibox User Interface, login with Admin credentials i.e. Username: admin
and Password: admin. Enter the correct captcha value you see on the page.
5. Connect cable coming from your ISP connection (This could be 3G connection or PPPoE or
Dynamic or Static) to the WAN port of Unibox.
6. If it is a Static connection you need to have WAN Port configuration details like IP addresses,
Subnet mask and Gateway from your ISP which can be used to configure your Unibox WAN
port after it is set to Static. For Dynamic connection your WAN port gets the network
configuration parameters automatically from your ISP once it is connected. You need to set
you WAN to Dynamic mode in that case. In case of 3G and PPPoE connections also, you
need to get the WAN port configuration parameters values from your ISP and then you can
set your WAN port to either 3G or PPPoE mode before you enter the configuration
parameters.
7. Set the Unibox Authentication mode to “No Authentication” while you are doing basic
configuration of Unibox. Go to “Authentication” tab and Click on Profiles option in your left
pane. Click on “Authentication Mode” tab seen in your left pane and select “No
Authentication” mode.
8. You should now be able to browse internet. Disconnect your laptop and connect Ethernet
switch (Number of Ports on your switch will depend on the number of access points you
have and the number of client you want to connect to your Hotspot).
9. You can now connect either your access points or the client systems to the switch. In case
you connect access point, end will connect to Unibox via access points.
10. You can connect you System/Laptop to the switch you just connected, access the Unibox
user interface by browsing URL http://10.10.10.1 and continue configuring and customizing
Unibox based on your Hotspot Requirements.
Dashboard
UniBox dashboard provides the real-time summary of the critical data within UniBox. The
data is summarized in small tables and arranged in form of a grid. Each table provides
information about a specific section like memory usage, CPU load, processes, online users,
etc. UniBox can also display the same information in graphical format. Click on the graphics
button on top-right corner to change the view to graphical one.
Memory Usage – Provides the summary of total used and available transient memory in
UniBox
CPU Usage – Provides what percent of CPU is being utilized by the system processes and
how much is being used for user space
Bandwidth Usage – Provides upload and download bandwidth rates on both WAN and LAN
ports. If the LAN port is bridge, it provides the bandwidth data for the bridge port.
Services – Displays all the services running inside UniBox

Status – Displays the status of the Internet, LAN and wireless ports. If the port is not used or
disabled, it shows a red cross. Also displays the status of the name server (DNS)
Port Connections – Displays the number of source and destination ports open by first 5
clients. To view the port status of all clients, click on the details link.
Monitoring – Provides the monitoring status of first five access points or other monitored
devices in the network.
Events – Displays the summary of event logs (debug message) in UniBox. The messages are
categorized into critical, warning, errors and alerts.
Online Users – Displays first 5 online users in the system. To view the list of all online users
click on the details link.
Network Management
Unibox comes with various Network interfaces like LAN port, WAN Port, Wireless Port and
Bridge Port. 3G port comes with selected Unibox models. Configuring network interfaces
involves assigning IP addresses, setting network parameters and hardware-dependent
values.
The network management section allows administrator to configure the network settings
for Unibox. Brief description for each of these interfaces is given below:
LAN – Local Area Network (LAN) port is connected to the private network. In case of a
wireless network the LAN port will be connected to a switch and the other ports on the
switch will be connected to various access points. For a wired network, the other ports will
be connected to computers, printers and other computing devices.
WAN – Wide Area Network (WAN) port is connected to the Internet feed. Usually it will be a
Leased line/T1, DSL, cable modem or any other Internet feed. The WAN port is configured
using either static, dynamic or PPPoE settings.
Wireless – Some Unibox models come with an in-built wireless access point. This model can
function as an access point and hotspot controller. (Selected models only)
3G – Some Unibox models support 3G backbones i.e. Unibox can use the 3G connectivity to
provide the backhaul needed for the network. 3G can also function as a backup option in
case the primary WAN connection fails. (selected models only)
Bridge – The wireless and LAN port can be bridged to create a bridge port. This will allow
administrator to run authentication service on both the wired (LAN) and wireless networks
at the same time.
After logging in as Admin with valid credentials navigate to Ports Section under Network
Tab. To view the list of all ports and there status, click the “Ports Status” tab on the left
pane. Ports Status will be displayed as shown in the screenshot below.
Port Status
WAN Port
The WAN port connects to the Internet connection from the local ISP. Usually it is a
T1/leased line or a DSL/cable modem circuit with either static or dynamic IP. In case of
dynamic IP, the WAN port gets the dynamically assigned IP address and DNS server settings
from the ISP.
For static IP, configure the WAN port with the IP address and the net mask of the subnet.
You will also need the IP address of the gateway to route the WAN traffic.
WAN port can also be set to Dynamic IP. In this case it will retrieve the IP address
configuration from the DHCP server on the WAN network. Please confirm with your ISP
before configuring the WAN port for Dynamic IP configuration.
Unibox also allows administrators to configure PPPoE settings on the WAN port. This is ideal
if the administrator chooses to keep the modem in bridge mode and use Unibox to
authenticate via PPPoE with the local ISP server.
LAN Port
The LAN port of Unibox usually connects to the private network through a switch.
Administrator can create either a wired or wireless network on the LAN side. We
recommend setting the LAN network on a DHCP so Unibox can issue IP addresses to the
computers on the network. Unibox also supports static IPs in the given IP address range.
Before setting up the LAN network, the administrator needs to assign an IP and netmask to
the Unibox’s LAN port.
Bridge Port
As you can see in the screenshot above, you can configure the bridge settings through “Bridge
Setup” parameter. If you select the option “BOTH” as seen above, that means you are in bridged
mode. Bridging basically happens between Wireless (comes with selected Unibox Models only) and
Wired ports i.e. Both WLAN port and LAN port are bridged together to act as single port. All clients
connected to WLAN as well as LAN now comes under Unibox control as a Single Network and Unibox
now can manage, control and allow internet access to all end users connected to wireless as well as
wired Network.
In some Unibox models Wireless port is not available, in this case you can choose either of “Wired”
or “Both” option for Bridge Setup.
Wireless Port (Selected Models Only)
Some Unibox models are shipped with in-built wireless adapter. This allows the Unibox to
function as a wireless access point in addition to functioning as a controller.
To enable wireless, please check the enable wireless option.
Once the option is enabled, the page will display other wireless configuration options as
seen in the screenshot below. Description for each parameter and its significance is
mentioned in the Table followed by screenshot.
Sr. Parameter Description

No.
Unibox supports two different Network Types 802.11 B
and 802.11 G. Newer versions will also support 802.11
N Network. 802.11g supports bandwidth up to 54
1 Network Type
Mbps, uses the 2.4 GHz frequency for greater range
and is backward compatible with 802.11b. 802.11b
support bandwidth up to 11Mbps and uses 2.4 GHz
frequency. Choose based on your clients Network
Adapters capability.
An SSID is the name of a wireless local area network

(WLAN). All wireless devices on a WLAN must employ
2 Network Name (SSID) the same SSID in order to communicate with each
other. SSID length should not exceed more than 30
characters.
802.11g/b wireless nodes communicate with each
other using radio frequency signals in the ISM
3 Wireless Channel (Industrial, Scientific, and Medical) band between 2.4
GHz and 2.5 GHz. Select the appropriate operating
frequency channel for your Unibox access point.
Most wireless access points (APs) automatically
transmit their network name (SSID) into open air at
4 SSID broadcast regular intervals (every few seconds). By checking this
checkbox, you allow UNIBOX to display its Access Point
SSID to end users.
Supported types are Open, WEP, WPA and WPA2. If
you choose to have network without security then
select OPEN. For secure network, you can configure
WEP, WPA1 Personal or WPA2 Personal. If you want
your Network communication to be encrypted the
5 Security Type
select WEP otherwise you can select either WPA1 or
WPA2. WPA implements the Temporal Key Integrity
Protocol (TKIP) which employs a per packet key
whereas WPA2 further introduces CCMP, a new AES-
based encryption mode with strong security.
Only WEP security type supports Encryption. Unibox
allows you to select either 64 bit or 128 bit encryption.
6 Encryption Using 64 bit gives you weak security but better
performance whereas 128-bit provides you with better
security but at the cost of reduced performance.
Enter WEP or WPA key or password. User will be
prompted to enter this password while connecting to
the network. For WEP you need to enter 10 digits or 5
7 Shared Key
alphanumeric characters for 64 bit and 26 digits or 13
alphanumeric characters for 128 bit. WPA/WPA2 both
supports alphanumeric key between 8 to 63 characters.
3G (Selected Models)
Some versions of Unibox are shipped with 3G support. 3G networks can be used for
backhaul connectivity in case wired (WAN) connectivity is not available in the area.
To enable 3G port, click on the ‘Enable 3G’ option. Since every 3G operator has different
settings for configuring the 3G connection, we have provided minimal configuration for the
3G port. If additional settings are needed for operator in your area, please contact Wifi-soft
technical support for the needed patch for your version of Unibox.
Service Port
The service port of UniBox is used for accessing the admin user interface by physically connecting a
cable to the port. This port is used primarily when administrator is not able to access UniBox from
LAN or WAN port. This might happen when administrator forgets WAN or LAN IP address or there is
a configuration problem with UniBox.
The service port is set to 192.168.123.1 by default. Administrator can change the service port IP to
any desired value however care should be taken to remember the service port IP.
Server Port
UniBox can be configured to control access to shared resources like enterprise servers, printers,
scanners and other systems in the network. This allows administrators to configure rules that will
enable access to the shared resources to specific users on the public access networks.
To configure access policies to shared resources, administrator must setup a separate network
either on a separate VLAN or physical network. Next he needs to connect the server port of UniBox
to the separate network and configure the IP address for the server port.
The screenshot below explains how to setup the server port IP address. The gateway is the Internet
gateway for the server network.
DHCP
Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically

provides an Internet Protocol (IP) host with its IP address and other related configuration
information such as the subnet mask and default gateway. DHCP is an Internet Engineering
Task Force (IETF) standard based on Bootstrap Protocol (BOOTP), a protocol with which
DHCP shares many implementation details. DHCP allows hosts to obtain necessary TCP/IP
configuration information from a DHCP server.
Unibox operates as a DHCP server on the LAN / WLAN / Bridge network. All clients
connecting to Unibox network need to get a valid IP address in order to get authenticated
on the network.
The administrator can configure any class of private network depending on the number of
DHCP leases needed on the network.
To configure DHCP settings, login as admin using valid credential and navigate to DHCP
section under Network Tab. If you click on the DHCP tab available in the left pane you will
see the DHCP settings.
DHCP settings are updated automatically based on the bridge port configuration. DHCP
server provides IP addresses in the range of the bridge Network. None of these parameters
are editable. For more details and information on each parameter, see the Table below
followed by the screenshot.
Unibox allows you to do advance configuration for DHCP in case you want to customize the
way DHCP provides IP addresses to the end users. You need to check the “Advance
Configuration” checkbox as seen in the screenshot below.
Once you check the Advance Configuration Checkbox you can see more options which allow
you to do advance configuration, refer to the screenshot below. IP Pool Start and End, Lease
Interval and domain name, these all options are configurable and can be customized based
on your requirement. For more details and significance of each parameter, refer to the table
followed by screenshot.
No Parameter Description
The LAN IP Address of the Unibox is populated in this
field and is not editable. To change or update this value
1 LAN IP Address
you need to edit the Bridge port settings under Ports
section.
The LAN Port subnet mask is populated in this field and
is not editable. To change or update this value you
2 LAN Netmask need to edit the Bridge port settings under Ports
section. The netmask will decide the number of
available DHCP leases on the network
This field shows the resultant network when the net
3 Resultant Network mask is applied. It is auto-generated and is not
editable.
Select this option if you want to further customize the
4 Advanced Configuration
DHCP settings
Enter the IP Address from where the DHCP server
should start leasing out the IP. Pool defines the address
5 IP Pool Start
range DHCP server uses to lease out the IP addresses to
the client devices.
Enter the IP address beyond which you want DHCP
server to stop leasing out IP address. It should be
6 IP Pool End
smaller than the total available leases. Start and End
values together defines the size of the pool.
7 Lease Interval Enter the time interval in seconds for the DHCP lease.
8 Domain name Enter the domain name of the resultant network.
DNS
The DNS translates Internet domain and host names to IP Addresses. DNS automatically
converts the names we type in our Web browser address bar to the IP addresses of Web
servers hosting those sites.
DNS implements a distributed database to store this name and address information for all
public hosts on the Internet. DNS assumes IP addresses do not change (are statically
assigned rather than dynamically assigned).
Unibox allows you to set the DNS configuration where you can configure Unibox for your
own DNS server or any DNS server available on Internet.
Login as Admin with valid credentials and navigate to DNS section under Network Tab. This
section is used to configure the DNS settings for Unibox. The administrator can also override
the DNS settings obtained dynamically from the ISP. Now you can configure the IP addresses
of your primary and secondary DNS Servers as seen in the screenshot below. Unibox will
automatically switch over to Secondary DNS server in case Primary DNS server is not
available.
IP Routes
IP Routing uses set of protocols that determine the path that data follows in order to travel
across multiple networks from its source to its destination. Data is routed from its source to
its destination through a series of routers, and across multiple networks. The IP Routing
protocols enable routers to build up a forwarding table that correlates final destinations
with next hop addresses.
Unibox allows you to define IP route to route your LAN as well as WAN traffic through
specific network interfaces, routers and network paths.
IP routes allow administrator to configure different routes to the Internet for the LAN users.
The default IP route is the gateway IP address of the WAN port as seen below in the
screenshot.
Login as Admin with valid credentials and navigate to “IP Routes” section under Network
Tab. You can click on the “List IP Routes” tab available on the left pane to view the list of IP
Routes configured, refer to the screenshot below.
In addition the administrator can configure additional routes either for the WAN or LAN
circuits. Click on the “New IP Route” tab available on the left pane and you have the list of
parameters to configure for the route you want to define, refer to the screenshot below. For
more details and significance of each parameter, refer to the table followed by screenshot.
1 Name Name of the IP route
Select the interface on which the IP route will be
2 Interface configured. This could be your WAN port or LAN port
(Bridge port).
Select whether the IP route applies to a specific host or
to a complete network. For host, the route is
3 Type specifically for a particular machine in the network
whereas for network route applies to all hosts present
in that particular network.
IP address of the host for whom you define the IP
4 Destination IP route. Any traffic to the host will be routed using this
IP Route.
This field is available only if you are defining IP-Route
5 Netmask for the network. Specify the netmask for that
particular network.
A gateway is a network point that acts as an entrance
6 Gateway IP to another network. Enter the IP address of the
gateway port for this IP route.
Metric indicates the associated cost for this IP Route.
Cost is typically based on the number of hops or
7 Metric bandwidth of the path. Enter the metrics for this IP
route accordingly. Low metric value path are preferred
over higher metric value path.
You can also add a route to a particular Host in a Network, refer to the screenshot below.
You can delete an IP route by clicking the “List IP Routes” tab available in left pane and then
selecting a route to delete from the list displayed by clicking on the route name. Then you
see the “Delete IP Route” tab in your left pane, clicking on it will prompt you for
confirmation before deleting the route, refer to the screenshot below.
NAT
NAT is Network Address Translation, a process where a network device, usually a firewall,
assigns a public address to a computer (or group of computers) inside a private network.
The main use of NAT is to limit the number of public IP addresses an organization or
company must use, for both economy and security purposes.
The most common form of network translation involves a private network using addresses
in a private range like 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, or
192.168.0 0 to 192.168.255.255. Routers inside the private network can route traffic
between private addresses however to access resources outside the network, like the
Internet, these computers needs to have public address in order to respond to the requests
made by the Systems on the internet.
Unibox allows you to create NAT rules to enable Network Address Translation. NAT section
under Network Tab allows you to configure NAT (Network Address Translation) or port
forwarding rules for Unibox. By default, Unibox will block all the incoming traffic but NAT
rules can be defined to provide selective access to the internal clients from the WAN side.
Login as Admin with valid credentials and navigate to NAT section under Network Tab. Click
on the “List NAT Rules” tab on the left pane to see the list of NAT rules defined, refer to the
screenshot below.
You can also add new NAT Rule by clicking on the “New NAT Rule” tab in your left pane. To
see the list of parameters to configure a NAT Rule, refer to the screenshot below. In the
example below we have created a NAT Rule to allow computers on internet to do FTP to a
computer with IP Address 10.10.10.5 which is your system in private address range. Remote
computer on internet should the public IP of your network. FTP to the Public IP will connect
the user to the computer in the private network. Rule is created using TCP protocol,
similarly you can also add rules for UDP protocols. For more details and significance of each
parameter, refer to the table followed by screenshot.
1 Name Enter appropriate Name for the NAT rule
NAT Rule can be created for both TCP as well as UDP
2 Protocol protocols. Select whether the rule applies to TCP or
UDP traffic.
Enter the external port number. External port number
3 External Port
can be in the range 1 to 65535.
4 Internal Port Enter the port number of the internal client.
5 Internal IP Enter the IP address of the internal client
As already mentioned you can also create NAT Rule for UDP protocols, refer to the
screenshot below. In this example, your NMS system or SNMP Manager Server on the
internet can send requests for accessing the MIB database information of the computer
with IP address 10.10.10.15 which is in your private network. NMS server should send
request to the external port i.e. 8161 as per our example.
You can delete the NAT Rule by clicking on the “List Nat Rules” tab displayed in your left
pane and then selecting the NAT Rule from the list by clicking on its NAT Rule Name. You
can now see “Delete NAT Rule” tab in your left pane clicking on which; you will be prompted
to confirm the rule deletion. Refer to the screenshot below.
Device Monitoring
What is the average time it takes to know that your Access Point is down? How often do you
know the IP camera is down before someone informs you? There isn't a way for an
Administrator to watch all the access points, switches, cameras, client machines under their
management. Administrator needs to know what is going on within Unibox private network.
Proactive monitoring of Access Points, Switches, Cameras and Important Servers is critical to
security, network performance and the overall operations of the Hotspot.
Unibox has a built-in monitoring service that allows administrators to constantly monitor
the network elements within the network. Unibox can monitor managed switches, access
points, cameras, servers, network printer and any IP based device and will notify the
administrator in case of a failure.
Administrators can configure these monitoring elements on Google map as well thus
allowing them to easily get a bird’s eye view of the network.
Login as Admin with valid credentials and navigate to “Device Monitoring” section under
Network Tab. Click on “List Devices” tab on your left pane. List of all devices which are being
monitored by Unibox is displayed, refer to the screenshot below.
If you click on “Configuration” tab in your left pane then you can configure common
parameters required for monitoring the devices, refer to the screenshot below. Once these
parameters are configured they automatically get applied to all the devices added in the
monitoring list. For more details and significance of each parameter, refer to the table
followed by the screen shot.
Once you are done with configuration i.e. setting of common parameters for device
monitoring, you can then start adding your devices in the monitoring list. Click on the “New
Device” tab in your left pane and you will see the list of parameters to be configured for
New devices, refer to the screenshot below. For more details and significance of each
parameter, refer to the table followed by screenshot.
1 Name Enter appropriate name of the monitored device.
2 IP Address Enter the private IP address of the monitored device.
3 MAC address Enter the MAC address of the monitored device.
Enter Latitude/Longitude for the monitored device.
4 Latitude/Longitude
This is used to plot the node on a Google map.
Check/uncheck the checkbox to enable/disable
5 Enable Monitoring
monitoring for the device.
6 Monitoring Interval Select the monitoring interval in minutes.
Check/Uncheck the checkbox to enable/disable
7 Enable Notification notifications from Unibox. These are monitoring alerts
for the device if monitoring is enabled.
Enter an integer value. This decides how many failures
8 Notify After Unibox will wait before sending a DOWN alert. Used to
filter our minor network glitches.
Selecting ONCE will allow Unibox to notify for the first
9 Notify Frequency failure only. Selecting Multiple will enable Unibox to
notify failures for each monitoring cycle.
Enter the email address from where the notifications
10 From Email Address
will be sent.
11 Notify Email Enter comma separated email addresses for sending
notifications.
Sometimes you may not want to be notified when devices goes DOWN or UP. In this case
you can add devices with notifications disabled. See screenshot below.
If you no longer want your device to be monitored, you can delete device by clicking on the
“List Device” tab and then selecting the device by clicking on its Device Name. You will now
see “Delete Device” tab in your left pane, clicking on which you will be prompted to confirm
the device deletion, refer to the screenshot below. Once you confirm, device gets deleted
and is removed from the device monitoring list.
If you have huge list of devices to be monitored, it is difficult to search the device you are
looking for. Unibox provide you with the search facility based on device names, IP Address
and MAC Address, Refer to the screenshot below. In this example we search the device by
Device Name. Partial names can be used for the search but exact names will help you to get
only the device you are looking for.
Screenshot below show the Device has been searched using IP address. Again you can give
partial IP address for search but if you use the complete IP address then you only see the
device you are looking for.
Screenshot below show the Device has been searched using MAC address. Again you can
give partial MAC address for search but if you use the complete MAC address then you only
see the device you are looking for.
SNMP
Simple Network Management Protocol (SNMP) is an application–layer protocol for

managing network devices. It is a part of Transmission Control Protocol ⁄ Internet Protocol
(TCP⁄IP) protocol suite. SNMP is one of the widely accepted protocols to manage and
monitor network elements. You need to setup up SNMP Manager in order to manage or
monitor your Unibox and its Client devices. SNMP Manager will also listen to the traps sent
by UNIBOX and it can also query the Unibox SNMP Agent to collect the Management
information as defined in Unibox MIB.
Unibox SNMP agent collects configuration and real-time information about UniBox. It stores
and retrieves management information as defined in the MIBs. SNMP traps also sends
periodic heartbeats with network statistics to the SNMP manager.
You need to enable SNMP agent of Unibox and should be configured to communicate with
your SNMP Manager or your network management system (NMS).
Login as Admin with valid credentials and navigate to SNMP section under Network Tab. You can
check the “Enable SNMP Agent” checkbox to enable SNMP Agent and Check the “SNMP Trap
Settings” checkbox to enable SNMP Trap. Refer to the screenshot below.
Once you enable the SNMP Agent Settings, you can now configure your Unibox SNMP Agent. Refer
to the screenshot below. For more details and significance of each parameter, refer to the table
Check/Uncheck this Checkbox to enable or disable
1 Enable SNMP Agent
SNMP Agent.
Specify UDP port number you want to configure for
2 Port Number Unibox SNMP Agent and on which this SNMP Agent
will respond to SNMP requests. Default port is 161.
SNMP agent accepts request messages only if the
community string in the message matches its
community name. Therefore, your SNMP Manager
should always communicate with the agents along
3 Community Name with the associated community name. The default
SNMP community names are "public" for read-only
(GET) operations and "private" for read-write (SET)
operations. This acts like a password that controls
access to the SNMP information.
If you have enabled “SNMP Trap Settings” then you can configure SNMP Traps for your
Unibox. Unibox currently support “Heartbeat” trap to be enabled for Unibox. Refer to the
screenshot below. For more details and significance of each parameter, refer to the table
Check/Uncheck this Checkbox to enable or disable
1 Enable SNMP traps
SNMP Traps.
IP Address of the host where SNMP traps should be
2 Host IP Address sent. These are basically your NMS servers or SNMP
Manager.
Specify UDP port that the UNIBOX will send traps on.
3 Host Port Number
By default, port 162 is used.
This acts like a password required by the remote host
that will receive the trap. Ensure that you provide
4 Community Name correct password as expected by the remote host
which is normally your NMS server or SNMP
Manager.
5 Heartbeat Trap Check this Checkbox to enable Heartbeat Traps.
It defines the interval in minutes between the two
6 Interval heartbeats. For e.g. if it is set to 2, then heartbeat is
sent every two minutes.
Dynamic DNS
Dynamic DNS (DDNS) is an addition to the DNS standard. Dynamic DNS updates a DNS
server with new or changed records for IP addresses without the need for human
intervention. This allows a fully qualified domain name (FQDN) that never changes to be
associated with a dynamically assigned IP address that can change quite often. Unibox
supports two different DDNS service providers, NO-IP and DynDNS.
You need to register hostname on one of these DDNS service providers and then configure
UNIBOX for interacting with these service providers. First enable DDNS on Unibox and then
provide valid inputs for DDNS setting.
Login as Admin with valid credentials and navigate to “Dynamic DNS” section under Network
Tab. You need to enable Dynamic DNS feature by Checking the “Enable Dynamic DNS”
Checkbox and click on “Submit” button. Refer to the screenshot below.
Once you have enabled Dynamic DNS, you can then configure Dynamic DNS parameters,
refer to the screenshot below. For more details and significance of each parameter, refer to
the table followed by screenshot.
Check/Uncheck this Checkbox to enable or disable DDNS
1 Enable DDNS
in Unibox
Choose your DDNS server provider from the drop down
2 DDNS Provider list. This is the DDNS service provider to whom you have
registered your hostname for Unibox.
Specify the server name of your DDNS service provider.
For e.g. if you are using no-ip as your service provider
3 DDNS Server
then it will be "www.no-ip.com" whereas in case of
DynDNS it will be "www.dyndns.com".
Enter Username you registered with DDNS service
4 User Name
provider.
Enter Password you registered with DDNS service
5 Password
provider.
Specify "Free" if you are using free services from your
6 DDNS Service
DDNS provider else specify "Custom".
Enter the Hostname for Unibox, the one you registered
7 Host Name
with your DDNS provider.
Select YES if you want your Unibox updates to your
8 Use Secure Updates
DDNS server to be secured else select NO.
Select YES if you want to enable External IP Check else
9 Use External IP Check
select NO.
Server Pool
Server Pool is the list of IP addresses assigned for shared resources like servers, printers, etc
in the network. If the administrator needs to setup access for group of users to these shared
resources, he needs to configure the server pool first. The server pool will define a range of
IP addresses. Administrators can define multiple server pools and configure user access to
each of them separately.
Note: Refer to Authentication -> Group section to understand how the server pools are
assigned to group of users.
To add a new server pool, click on the “Add Server Pool” option under Network -> Server
Pool section.
Enter the name of the pool and define the IP address range for the pool. For example, to
add 8 addresses to the pool, you need to define the Netmask as 255.255.255.248.
All the server pools are listed under the “List Server Pools” page.
To change an existing server pool, click on the “Edit Server Pool” option and then press the “Edit”
button next to the given server pool. A popup window is display to change the settings.
To delete an existing pool, check the box on the List Server Pool page and click on the
delete button.
Authentication
Authentication section allows administrator to define authentication profile, manage

subscribers i.e. Users and Groups, Pass-through URLs and design Captive Portals for the
users. Each of these functions is defined in separate sections as described below.
Unibox supports both internal and external authentication modes i.e. the administrator can
use an AAA server hosted on Unibox or can interface with an external AAA server. Some
features like advanced bandwidth control, policies, user control may not be available if the
administrator uses an external AAA server.
Profiles
This section allows the administrator to select the authentication mode. Unibox can be
configured with following authentication modes:
1. No authentication mode - Authentication is disabled

2. Local authentication mode
3. Remote authentication mode
If the authentication mode is disabled then Unibox allows all clients to access the Internet
services without blocking any user. In this case, the web redirection is disabled and users
have unrestricted access to the Internet.
Local authentication mode allows the administrator to use the local AAA server. The full
version of Unibox comes with a built-in AAA server. The AAA server is integrated with a local
SQL database to store the configuration and user information.
Administrator can also configure Unibox to work with remote AAA servers when he sets
Unibox to Remote authentication mode. The remote servers are specified by selecting the
appropriate authentication profile.
Unibox also support a concept called automatic MAC register and Auto-login. The Auto-login
feature, if enabled, will attempt to automatically authenticate the MAC address of the client
from the local or remote AAA server. If the MAC is authenticated, the user’s client will
automatically get logged in.
The auto MAC register feature is useful when local authentication mode is enabled. When
enabled, Unibox will automatically capture the MAC address of the user when the user logs
in for the first time. This MAC address is added to the Auto-login database so the user is not
prompted to login again until his plan expires.
If remote authentication is enabled, then you need to first create a remote authentication
profile as shown below. Login as Admin with valid credentials and navigate to Profiles
section under Authentication Tab. Click on “New Profile” tab displayed in your left pane and
configure all the parameters as seen in screenshot below. For more details and significance
of each parameter, refer to the table below followed by screenshot.
Enter appropriate name of the profile
1 Profile Name
Primary Authentication Enter the IP address of the primary AAA server

2
Server
Secondary Authentication Enter the IP address of the secondary or backup AAA

3 server
Server
Enter the shared secret for the RADIUS client
4 RADIUS secret
Confirm the shared secret

5 Confirm RADIUS secret
Enter the authentication port for the server (default:

6 Authentication Port 1812)
Enter the accounting port for the server (default: 1813)

7 Accounting Port
Enter the NAS Identifier for Unibox. Default is the serial

8 NAS ID number of Unibox
If checked, Unibox will send interim updates for each
9 Send Interim Updates session. If unchecked Unibox will send updates once the
session is complete and user logs out.
Enter the interval in seconds for sending the interim
10 Interval packet.
Administrator can define multiple RADIUS profiles in Unibox. However one of them can be
active at a time. To view all profiles defined in Unibox, click on the “List Profiles” tab
displayed in your left pane, refer to the screenshot below.
Once the profile is created, the profile can be activated by selecting the Remote
Authentication section.
Note: Please note that all existing users will be logged off if you change the
authentication mode.
Login as Admin with valid credentials and go to “Profiles” section under Authentication Tab.
You can then select Remote Authentication as shown in the screenshot below.
Similarly you can also set the Unibox Authentication mode to Local Authentication as shown
in the screenshot below.
If administrator wants to delete unused profile created for Remote Authentication, you
should login as Admin with valid credentials and go to “Profiles” section under
Authentication Tab. You can then click on the Delete Profile tab seen on the left pane and a
confirmation message to delete profile is displayed as shown in the screenshot below. Once
you confirm, the selected profile gets deleted.
Users
The users section allows administrator to create and manage user accounts. This section will
be applicable only when user selects local authentication mode. If remote authentication is
used then the user will have to be managed on the remote server.
For a regular wireless hotspot, the user accounts are generally created by the end user by
filling the registration form. Administrators can also create user account manually in Unibox.
The section also displays all the user session history and allows administrator to control
bandwidth and sessions for each individual user. Administrator can also change the user
information, delete or suspend the user.
UniBox provides an optional feature to enable approval of users. When enabled, the users
who register online for an account need approval from the administrator before they can
login. The administrator can verify the user’s credentials before approving the user account.
The user will be able to login only after the account is approved.
Login as Admin with valid credentials and navigate to “Users” section under Authentication
Tab. You can see the list of users by clicking on the “List Users” tab in your left pane. It will
show you the list of user with various details, refer to the screenshot below.
You can search users by providing the username or userid in the search value field. See
screenshots below.
Similarly user can be searched using various fields like MAC Address, Email, Address, City,
Zip-code, Home phone, Cell phone, Status and Plan Name.
Unibox provides you with the Approval facility if you have enabled Approvals on your
Unibox. You need to login as Admin with valid credentials and navigate User section under
Authentication Tab. You can now click on the “List Approvals” tab available in your left pane.
You will see the list of all pending approvals and as a Admin you can Approve or deny the
user request. Admin also has a facility to search particular user waiting for a approval by
using Username, Full Name, Email, Address, City, State, Zipcode, Home Phone and Cell
Phone. Refer to the screenshot below for more details.
To create a new user account, login as admin with valid credentials and navigate to “Users”
section under Authentication Tab. Click on the “New User” tab displayed in your left pane
and you can configure various parameters to create new users, refer to the screenshot
below. For more information and significance of each parameter, refer to the table followed
by the screenshot.
List BYOD Devices

UniBox can be deployed as a BYOD (Bring Your Own Device) appliance. When used as a BYOD
appliance, it will allow administrators to manage the devices associated with user accounts. UniBox
is designed to automatically capture user’s MAC addresses and associate them to the usernames.
Administrator has option to add, change or remove BYOD devices associated to the users. UniBox
will automatically detect the devices on the network and will allow them to go online with the
restrictions applied to the user.
General User Details Parameters:
No Parameter Required Description

Enter a unique name for the user. The
username should not have any spaces or special
1 Username Yes
characters. Unibox automatically appends
@realm to the username.
Enter the password for the user. The password
2 Password Yes
should be 6 characters or more.
Confirm Confirm the password. It should match the
3 Yes
Password password entered in the previous field
Select the user group. If no group is added,
4 User Group Yes
then the user gets assigned to default group
If checked, Unibox will enable Autologin for this
Enable
5 No account. The MAC address will be captured and
Autologin
an Autologin entry will be created
6 Full Name Yes Enter the first and last name of the user
7 Email No Enter the user’s email address
Address, City, Enter the address, city, State, Zipcode and
State, Country information for the User
8 No
Zipcode,
Country
Home and Cell Enter Home Phone and Cell phone information
9 No
Phone for the User.
Enter the date on which the user account will
10 Expiry Date No expire. If empty, the user account will be valid
for indefinite period.
User Session Restrictions Parameters:

Enter the time period for each session. This is
1 Session Timeout No the maximum time the user will be online in a
given session
Enter the time period for idle time. The user’s
2 Idle Timeout No session will end if the computer remains idle
for more than the specified time
Enter the number of clients who can login
simultaneously using the given account.
3 Concurrency Limit No Unibox will block additional clients from
getting online once the concurrency limit is
reached
Enter the upload and download rate for the
Download /
4 No user’s account. These settings will decide the
Upload Rate
speed the user gets while browsing.
Enter the maximum upload and download
Daily
limit for each day. The user will not be able to
5 Upload/Download No
login on the given day after the upload or
Quota
download limit is reached
Enter the number of times the user can login
6 Sessions per day No on a given day. Once the limit is reached, the
user will not be able to login until midnight
Enter the total (upload and download) quota
for the user account. The total quota is
7 Usage Quota No calculated by adding up the bandwidth usage
for all users’ sessions. The user will not be
able to login once the quota is reached.
To see the Detail information about the user usage, login as Admin with valid credentials
and navigate to “Users” section under Authentication Tab. Click on the “List Users” tab in
your left pane. Select the user by clicking on its “Full Name” from the list of users displayed.
Refer to the screenshots below for more details.
The user details section displays all the information about the user. The first section displays
the user information like name, address, and contact details, date of creation, status and
session restrictions.
Unibox provide you with the Utility to Test the user login as you see in the screenshot
above. You can provide valid username and password, check whether your AAA server
authenticate the user credentials successfully. This is useful for a Admin to troubleshoot
Authentication issues. Refer to the screenshot below for more details.
Below user details you can view graphical representation of the usage details, refer to the
screenshot below:
The next section displays the live session information i.e. information about current session
for the user. If the user is online, the user’s username, IP address, MAC address, online
duration, current usage (download and upload), bandwidth rate (download and upload rate)
will be displayed. In addition, the administrator has an option to logout the user by clicking
on the logout button. If the user allows multiple concurrent sessions, then all the current
online sessions will be displayed.
Unibox also displays information about last five sessions for the user as you can see in the
screenshot above. In addition it also displays the Total Usage and Accountingn Details for
the User. Refer to the screenshot below:
Administrator can also get more session details by clicking on the User Accounting option.
The page displays all the sessions for the user in a tabular format. Each row displays the
start and end time of the session, duration of the session, the MAC address of the client,
uploads and download data and the reason for terminating the session.
Unibox also allows to search through the Accounting Information of the user. Search can be
done providing the MAC address of the user’s machine or the Start/End dates or both. Refer
to the screenshot below for more details.
Expire / Suspend User

Administrator is able to expire or suspend an active user by clicking on the ‘Expire User’ or
‘Suspend User’ option. This option is used to temporarily suspend or block the user from the
network. If the user tries to login with an expired or suspended account, the user will get a
prompt stating that his account is expired or suspended. In some UniBox versions, the
administrator can also specify the reason for suspension of the account. If the reason is
specified, it gets displayed to the user when the user tries to login from the captive portal.
Un-Expire / Unsuspend User
Similarly administrator is able to un-expire (or activate) an expired account. If the account is
instead suspended, then the administrator gets option to unsuspend the account. This
option becomes available only if the account is expired or suspended. Once the account is
activated, the user will be able to login again. You need to provide the Expiry Date while you
are Un-Expiring the User, if date is not provided then user gets unlimited validity. Refer to
the screenshot below for more information.
To enable the user for auto-login i.e. MAC address authentication, check the Enable
Autologin on the edit user page. Enter the MAC address of the wireless adapter to allow
user to automatically login next time the user gets connected to the network.
Admin can also view Agent and Authorization history by clicking on “Agent and Auth
History” tab on your left pane in User Details Page. Refer to the screenshot below for more
details.
Admin can export Users Summary reports and User Activity Report to either a PDF file or
CSV file by clicking on “Export User Activity” tab in your left pane on User Details Page. CSV
format should be preferred for larger files. Summary report highlights user’s usage
information; refer to the screenshot below for more details.
Similarly, User Activity Report has users browsing information. It collects and maintains all
URLs visited by user during his internet browsing. Refer to the screenshot below for more
details.
For deleting the unwanted users, you need to login as Admin with valid credentials and
navigate to User section under Authentication Tab. Select the User to be deleted from the
list of Users displayed by clicking on its User Name. You now have to click on “Delete User”
tab available in your left pane and confirm the deletion when prompted for confirmation.
Refer to the screenshot below for more details.
BYOD Devices
Administrator can manage the devices for the user in the BYOD device section. The List Devices
section will display all the BYOD devices associated with the user. The table displays the MAC
address, Framed IP Address (if any), date when the device was added. If auto MAC capture is
enabled, UniBox will automatically populate this table when the user logs in with the device for the
first time.
Similarly if MAC authentication is enabled, UniBox will automatically login the device when it
discovers the MAC address on the network.
This page also allows the administrator to delete multiple devices from the system. Once deleted the
device is no longer available for the BYOD configuration but may get captured again if auto MAC
register option is enabled.
Edit Device page allows administrator to change the existing BYOD devices. The administrator can
change the MAC address or assign an IP address to the device. The Framed IP address is
automatically assigned to the device when it connects to the network.
To add a new BYOD entry, click on the Add Device option. Administrator need to add the MAC
address of the device (usually the wireless MAC). If a fixed IP address needs to be assigned to the
device, enter the optional Framed IP entry.
Groups
Group is a logical collection of users to enforce group policies and bandwidth rules. Instead
of applying the rules to each individual user, the restrictions can be applied to the group and
all users associated with the group will inherit the restrictions. Group also allows
administrator to easily manage and categorize the users into logical groupings.
Administrator can create any number of groups with one of these groups as default group
or by default you have a group with name “default” as a default group. If the user account is
created during the registration process, Unibox assigns the default group to the user.
Login as Admin with valid credentials and navigate to the “Groups” section under
Authentication tab. Click on the “List Groups” tab in your left pane and you see the list of
groups displayed with details as seen in the screen shot below.
Once you see the group list, you can search a particular group from the list by providing the
Group Name in the Search field. For more details see the screenshot below:
Admin can create a new group by navigating to “Groups” section under Authentication Tab
and then clicking on “New Group” tab available in your left pane. Refer to the screenshot
below for more details. To know more details and significance of each parameter, refer to
the table followed by the screenshot.
Enter the name of the group. No spaces are
1 Group Name Yes
allowed in the group name
2 Description No Enter short description for the user group
If checked, the group becomes the default
3 Default Group No
group. There can be only one default group.
Select one or more server pool that can be
4 Server Pool No accessed by the users belonging to this user
group
Enter the time period for each session for the
5 Session Timeout No users under this group. This is the maximum
time the user will be online in a given session
Enter the time period for idle time for users
under this group. The user’s session will end if
6 Idle Timeout No
the computer remains idle for more than the
specified time
Enter the number of clients who can login
simultaneously using the given account.
7 Concurrency Limit No Unibox will block additional clients from
getting online once the concurrency limit is
reached
Enter the upload and download rate for the
Download /
8 No user’s account. These settings will decide the
Upload Rate
speed the user gets while browsing.
Enter the maximum upload and download
Daily
limit for each day. The user will not be able to
9 Upload/Download No
login on the given day after the upload or
Quota
download limit is reached
Enter the number of times the user can login
10 Sessions per day No on a given day. Once the limit is reached, the
user will not be able to login until midnight
Enter the total (upload and download) quota
for the user account. The total quota is
11 Usage Quota No calculated by adding up the bandwidth usage
for all users’ sessions. The user will not be
able to login once the quota is reached.
Enter the maximum number of BYOD devices
12 Max BYOD Limit No allowed for users under this group.
If checked, UniBox will automatically capture

the user’s MAC address and add it to BYOD
Auto MAC
13 No list. This will ensure that UniBox automatically
register
logs the user next time when s/he is
connected to the network.
To delete an existing group, click on the Delete Group option. Unibox will not allow
administrators to delete a group with active users.
Unibox allows you to export the Group Activity information to a PDF or CSV file. You need to
login as Admin with valid credentials and navigate to Groups section under Authentication
Tab. Select the Group of which you need to export the Group Activity by clicking on the
“Group Name” displayed in the Group List. You then click on the “Export Group Activity” tab
available in your left pane and select the file format for export the information. Refer to the
screenshot below for more details.
UniBox also provides an option to reset all the passwords for users under particular user group
(available in selected models). All the passwords are reset to random 6 character password. This
feature is helpful for administrators to change password for BYOD users.
Pass-through URL
Pass-through URL or wall garden link is the URL that is accessible to the users before the
user authenticates with Unibox. Pass-through URL is required for all externally hosted login
pages since the page needs to be displayed to the user before the user can enter his login
credentials.
If the login page has other links then all these URLs need to be added to the pass-through
URLs as well.
To add a new pass-through URL, click the New Pass-through URL option. You need to enter
the complete URL (including the http or https) option for the URL.
Since Unibox needs to be restart its authentication service and existing users might get
disconnected, the administrators should add URLs before allowing users on the network.
If you no longer need any of the pass-through URL then you can delete it by selecting the
URL from the list of URL’s displayed by clicking on the URL. Then you click on the “Delete
Pass-through URL” tab available in your left pane, it will prompt you to confirm the deletion
and once confirmed URL gets deleted. Refer to the screenshot below.
Portals
Portal page is the login page or captive portal that is displayed to the user when the user
connects to Unibox. The portal page is displayed only when authentication service is
enabled. The portal page has option to enter the login credentials and may also provide an
option to register for the service.
Unibox offers wide range of choices for the portal page. Administrator can use
1. Default predefined portal page

2. Unibox hosted portal page
3. Externally hosted portal page
The default portal page is non-customizable, pre-defined login page. The administrator can
use the page if he doesn’t need any customization or wants us to just test the page. The
page has option to enter both the username and prepaid code. The default page will display
Wifi-soft logo and is not customizable.
Login as Admin with valid credentials and navigate to Portals Section under Authentication
Tab. Click on the “List Portals” tab in your left pane to see the list of available portals with
page information, Refer to the screenshot below for more details.
You can configure and do portal page setup for your Unibox by clicking on the “Portal Page”
tab available in your left pane on PORTALs page under Authentication. You can select either
the default portal or internal portal (resides locally on Unibox) or the portal page residing on
the remote machine.
Refer to the screen below on setting your portal as Default Portal and Welcome URL as
“Session Status”. The default portal page is non-customizable, pre-defined login page. The
administrator can use this page if he doesn’t need any customization or wants us to just test
the page. The page has option to enter both the username and prepaid code. The default
page will display Wifi-soft logo and is not customizable. You can also set your welcome URL
to which user navigates after successful authentication. Unibox provides you with default
Welcome URL which displays the session details of the logged in user.
Refer to the screenshot below to know how your Default portal looks like:
For more information about the Session Status Welcome URL, refer to the screenshot
below:
Similarly you can set your Unibox Portal Page as Internal Portal Page (local Page on Unibox)
and Welcome URL as Customized URL, Refer to the screenshot below for more details.
Internal Portal page can be built and designed as per your requirements. Unibox provides a
comprehensive portal page design tool that allows administrators to create customized
portal page using simple click-and-customize method. The portal page provides various
billing and authentication methods thus allowing administrators to design page based on
existing templates. We will go through this in “New Portal” section in more details.
Lastly Unibox also supports externally hosted portal page. The page can be hosted on any
web server provided the page has login script needed to authenticate against Unibox. Please
review ‘How to configure external portal page’ for more details. Please note that the
domain name of the external web server needs be added to Pass-through URL.
Unibox allows you to set the default parameters for Portal Page Design in case you are
creating multiple pages. Every Portal Page creation Wizard will inherits this default values
while creating or designing new Portal Page. For more details see the screenshot below.
You can choose for a self Signed Certification to enable secure login. In portals section under
Authentication Tab, you need to click on “certificate” tab in your left pane. The future
versions of Unibox will provide an option to upload SSL certificates for secure login. The
current version supports only self signed certificates. If you enable this option by clicking on
“Submit” button, Unibox will use SSL login method.
Unibox provides you with a Portal Creation Wizard for Internal Portal. Login as Admin with
valid credentials and navigate to the Portals section under Authentication Tab. Clicking on
the “New Portals” tab available in your left pane and the wizard will guide you to design
your portal page step by step. Refer to screenshot below which is the first step to design
your page. You need to select the Template, Enter valid Page Name, Title, Web Access
method, selecting whether it is paid or free service, choosing the billing method, Choosing
the Term and conditions, Selecting Google Authentication method if required and enabling
Approval if required. Refer to the screenshot below for more details.
After you have provided all details based on your requirements, you can proceed further by
clicking on the “Proceed” button at the bottom of the page. You are now presented with
another page where in you need to provide more inputs which will help customize your
portal page. Refer to screenshot below to know more.
On the next page, you have to select the Theme (Color Schema of your Portal Page), then
the plans if it is paid portal, Body text for your portal and Term N Conditions. Once you are
done with entering all the desired values then you can complete your portal design by
clicking on the “Finish” button at the bottom of your Page. You can then configure your
Unibox to use this Internal Page as your Portal Page.
Uploading your Logo: You need to click on the “Change Logo” at Top Left Corner and it will
ask you to upload your logo File. Logo is best viewed with dimensions 150 * 100 pixels. Refer
to the screenshot below for more information.
Uploading your Banner: You need to click on the “Change Banner” at Top Middle of your
page and it will ask you upload your Banner File. Banner is best viewed with dimensions 780
* 250 pixels. Refer to the screenshot below for more information.
For more details on every parameter and inputs you provide during portal design, refer to
the table below:

1 Template Yes Select the template design
2 Page Name Yes Enter the name of the portal page
3 Title No Title of the page.
Select whether the portal page is secure or non-
secure. If secure, certificate needs to be
4 Web Access Yes
configured in Unibox for the portal page to work
correctly.
If the service is offered for free, select Free portal
5 Paid/Free Portal Yes
option else select paid.
If Free portal is selected, then free options are
offered –
 Free Registration: User can
register for a free account. No credit card or
billing information is needed
 Free with username/password:
The login page has username and password field.
 Free without Login: The user
doesn’t need to enter any login information. The
user can login by clicking on the login button
Free / Billing
6 Yes
Options
If paid option is selected, then Billing options are
presented –
 Prepaid Cards: The login page
will have an option to enter access/prepaid code
 Credit card/PayPal: the login
page will provide an option to register for a new
account using credit card or PayPal
 Both: In this option both prepaid
and credit card registration option is available to
the user.
If checked the user will need to accept the terms
Has Terms &
7 No and conditions before logging in. The terms are
Conditions
displayed as a text box or as a link on the page.
If checked, the registration will need to be
Approval approved by the administrator before the
8 No
Needed account is activated. The Approval feature needs
to be enabled in the profile section.
Screenshot below shows the portal creation for Free Registration with Username and
Password.
Screenshot below shows the portal creation for Free User without Username and Password.
Control
Bandwidth management and control is very important for any shared, public network. Given
the explosive growth of rich media on the Internet, the bandwidth requirement has grown
exponentially and the network operators constantly struggle to implement fair utilization of
the shared bandwidth.
An unmanaged, public network is susceptible to unrestricted bandwidth usage. A single user

running Bit Torrent or file sharing application can virtually hog the bandwidth thus leaving
other users short of bandwidth.
Unibox provides comprehensive tools to manage and share the Internet bandwidth on a
public network. Besides implementing bandwidth rates for users, administrators can also
configure various policies to punish offending users and dynamically shape the bandwidth
based on real-time network traffic.
Unibox allows you to configure various policies like Date and Time, Relogin, Variable
Bandwidth, Load Balancing and Fair Usage Policy. Let see these policies one by one.
Policies
Note: Policies can be applied only when your UNIBOX is set in local authentication mode.
Login as Admin and navigate to Policies section under Control Tab. You can click on the “List
Policy” tab available in your left pane. It will display the list of policy types supported by
UNIBOX. You can configure these policies to implement usage rules on the network. Refer to
the screenshot below for more details.
No Policy Name Description

Use this policy to restrict access to users at certain
1 Date & Time
time of the day or days of the week.
This policy will automatically degrade users
2 Relogin
bandwidth for over usage
Dynamically changes users bandwidth after the
3 Variable bandwidth
given online time.
Dynamically change the user’s bandwidth based on
4 Load Balancing
the load on the network.
The fair usage policy is a run-time policy. This
allows the administrators to curtail the bandwidth
5 Fair Usage Policy
usage of heavy Internet users thus enforcing a fair
usage policy on the network.
If you want to see the list of policies created, you need to click on the “Policy Type” from the
list of policy names listed. For example, if you click on “Date & Time”, you will see the list of
Date and Time policies created on Unibox. Refer to the screenshot below for more details.
Date & Time Policy
The date and time policy allows administrator to restrict user access to the network at a
given time period (or time periods) and days of the week. This policy is especially useful for
wireless networks that want to prevent the users from using the Internet after the
operation hours. The administrator can specify the hours of operations for the venue and
Unibox will automatically block the user’s access outside the operation hours. Same holds
true for the day of the week.
To implement this policy, you need to first enable the policy as shown below.
Once you click on the Submit button, policy gets enabled as you can see in the screenshot
below.
Now you will be able to add Date and Time Policies by clicking on the “New Date & Time
policy” tab displayed in your left pane. Policy gets applied to the group of users you select
during the policy creation. You will be asked to configure various parameters with valid
values. Refer to the screenshot below for more details. For more details and significance of
each parameter’s refer to the table followed by the screenshot.
1 Policy Name Yes Enter valid Policy Name for Date and Time Policy
Select the Group from the dropdown list on which
2 Group Yes
you want to implement the Date and Time Policy
Select the Days on which you would like to allow
3 Days of Week Yes access to the End Users. You can either select
"Everyday" or the Days of the week.
Select the Starting and Ending hour between which
you would like to allow access to the user on their
4 Time of Week Yes
selected days. You can also enter multiple comma
separated time slots. For e.g. 10-13, 14-18
You can also delete the Policy if it is not longer needed. You need to login as Admin with
valid credentials and navigate to the Policies section under Control Tab. You can then click
on the Policy Type e.g. Date & Time, from the list of Policy types displayed. Once you click
on the Policy type, you will see the list of policies created; select the policy to be deleted by
clicking on the Policy Name. Click on the “Delete Date and Time Policy” tab displayed in your
left pane and you will be prompted for confirmation before you delete the policy. Once
confirmed policy gets deleted. See screenshot below for more details.
Relogin Policy
The Relogin policy controls what bandwidth to offer the user if the user uses the internet for
more than allotted number of times. This policy is useful for small hotspots like those in
cafes, restaurants or shopping areas. Ideally this policy should be used in conjunction with
Session Timeout value to become effective.
For example, if the administrator wants to discourage users from using the Internet at the
venue after certain number of hours, he can set the session timeout for the user session to a
fixed time – say 1 hour. After one hour, the user is free to login again; however, if the
Relogin policy is set then he will get reduced bandwidth during the next login. The idea is to
discourage the users from using the Internet by providing them reduced bandwidth.
To enable the policy, check the Enable option as shown in the screenshot below.
Now you will be able to add Relogin Policies by clicking on the “New Relogin policy” tab
displayed in your left pane. Policy gets applied to the group of users you select during the
policy creation. You will be asked to configure various parameters with valid values. Refer to
the screenshot below for more details. For more details and significance of each
parameter’s refer to the table followed by the screenshot.

1 Policy Name Yes Give a name to the policy
Select the user group to whom the policy will apply.
You can define only one Relogin policy for a given
2 Group Yes
user group. Policy will be applied to all users under
this group.
Enter the number of sessions after which the policy
3 Maximum Login Yes
will take effect.
Upload Enter the upload bandwidth to provide after the
4 Yes
bandwidth policy takes effect
Download Enter the download bandwidth to provide after the
5 Yes
bandwidth policy takes effect.
on the Policy Type e.g. Relogin, from the list of Policy types displayed. Once you click on the
Policy type, you will see the list of policies created; select the policy to be deleted by clicking
on the Policy Name. Click on the “Delete Relogin Policy” tab displayed in your left pane and
you will be prompted for confirmation before you delete the policy. Once confirmed policy
gets deleted. See screenshot below for more details.
Variable Bandwidth
The variable bandwidth policy is similar to Relogin policy expect the user’s bandwidth is
changed dynamically while the session is in progress and the bandwidth changes after a
given time period.
Unibox will track the online time of the user and after the given time period is exceeded, the
user’s bandwidth changes automatically to the specified rates. This policy is ideal for free
wireless hotspots who want to restrict its users to certain time period.
Note: This policy will only work if local authentication is selected.
To enable the variable bandwidth policy, check the Enable option as shown in the
screenshot below.
The policy is applied to a group of users i.e. all the users under the group will be controlled
using the policy.
Now you will be able to add Variable Bandwidth Policies by clicking on the “New Variable
Bandwidth policy” tab displayed in your left pane. Policy gets applied to the group of users
you select during the policy creation. You will be asked to configure various parameters with
valid values. Refer to the screenshot below for more details. For more details and
significance of each parameter’s refer to the table followed by the screenshot.

You can define only one variable bandwidth policy for
2 Group Yes
a given user group. Policy will be applied to all users
under this group.
Upload Specify the upload bandwidth along with the time
3 Yes
bandwidth period in minutes
Download Specify the download bandwidth along with the time
4 Yes
bandwidth period in minutes
on the Policy Type e.g. Variable Bandwidth, from the list of Policy types displayed. Once you
click on the Policy type, you will see the list of policies created; select the policy to be
deleted by clicking on the Policy Name. Click on the “Delete Variable Bandwidth Policy” tab
displayed in your left pane and you will be prompted for confirmation before you delete the
policy. Once confirmed policy gets deleted. See screenshot below for more details.
Load Balancing Policy
Load balancing policy allows administrator to do a fair allocation of network bandwidth. The
policy works as follows: –
When enabled, Unibox tracks the number of the active sessions and dynamically allocates
the bandwidth rate to each user. The bandwidth is equally shared thus it prevents a single
session from hogging the bandwidth. The algorithm to allocate the bandwidth takes into
account only the active sessions (users actively using the bandwidth) instead of all online
users thus ensuring fair sharing among the users. The bandwidth rates are adjusted
dynamically based on the current active sessions and total available bandwidth.
Note: This policy will only work if local authentication is selected. You can enable this policy
by checking the “Enable this Policy” checkbox as shown in the screenshot below.
Now you will be able to add Load Balancing Policies by clicking on the “New Load Balancing
policy” tab displayed in your left pane. Policy gets applied to the group of users you select
during the policy creation. You will be asked to configure various parameters with valid
values. Refer to the screenshot below for more details. For more details and significance of
each parameter’s refer to the table followed by the screenshot.
2 Group Yes
Policy will be applied to all users under this group.
Upload Specify the upload bandwidth available for load
3 Yes
bandwidth balancing policy.
Download Specify the download bandwidth available for load
4 Yes
bandwidth balancing policy.
on the Policy Type e.g. Load Balancing, from the list of Policy types displayed. Once you click
on the Policy type, you will see the list of policies created; select the policy to be deleted by
clicking on the Policy Name. Click on the “Delete Load Balancing Policy” tab displayed in
your left pane and you will be prompted for confirmation before you delete the policy. Once
Fair Usage Policy
This page allows administrator to create policy for specific group to degrade the bandwidth
rate (upload and download) for current users of that group after they crossed the data
usage limit (within certain time frame, if specified).
Using this policy, administrator can find users who are using extensive amount of data
transfer, which may cause traffic congestion on the network. This helps to give the desired
Internet usage experience to all users, since broadband is a shared bandwidth experience
and the over-usage of few individuals must not affect the rest.
This policy is applied on real-time based on the data usage of online users. You can enable
this policy by checking the “Enable this policy” checkbox as seen in the screenshot below.
Now you will be able to add Fair Usage Policies by clicking on the “New Fair Usage policy”
tab displayed in your left pane. Policy gets applied to the group of users you select during
the policy creation. You will be asked to configure various parameters with valid values.
Refer to the screenshot below for more details. For more details and significance of each
parameter’s refer to the table followed by the screenshot.
1 Policy Name Yes Name of the policy.
Select the user group on which the policy restrictions will
2 Group Yes
be applied.
Maximum Data Maximum data usage (upload and download both)
3 Yes allowed to the user of a group
Usage
Consider the data usage of user only within certain
timeframe to apply the restrictions. If timeframe is not
4 TimeFrame No
specified, combined data usage of the user account from
beginning will be considered.
Specify the Upload bandwidth rate to which you want to
Upload
5 Yes restrict the user under the group after data usage limit
bandwidth crossed.
Specify the Download bandwidth rate to which you want
Download
6 Yes to restrict the user under the group after data usage limit
Bandwidth crossed.
If checked, data usage of all users belonging to the group
is calculated based on MAC address, thus each user's data
usage will be different even though he is using common
Apply to
username.
7 concurrent No
users If unchecked, then data usage is calculated based on
username, thus combined data usage of all users using
same username will be considered to apply the policy.
on the Policy Type e.g. Fair Usage, from the list of Policy types displayed. Once you click on
the Policy type, you will see the list of policies created; select the policy to be deleted by
clicking on the Policy Name. Click on the “Delete Fair Usage Policy” tab displayed in your left
pane and you will be prompted for confirmation before you delete the policy. Once
Bandwidth Control
This section allows administrator to configure bandwidth rules based on ports or well
known protocols. The bandwidth control in Unibox works as follows –
Administrator needs to define maximum upload and download bandwidth rates and then
define percentages for low, medium, high and very high bandwidth rates. The percentage
total should be 100%. Once the rates are defined, administrator can define various rules for
the traffic going through Unibox. For example, the HTTP, SMTP traffic can be high priority
while FTP can be given low priority. Administrator can define custom rules by specifying
source and destination IP addresses and port numbers. In addition, administrator can define
the sequence in which the rules will be executed.
Once the rules are applied, Unibox will inspect the traffic and will use queuing algorithm to
implement the bandwidth control on the packets based on the defined rules.
Login as Admin with valid credentials and navigate to Bandwidth Control section under
Control Tab. You can click on “List Rules” tab displayed in your left pane to see the list of
existing rules on Unibox. Refer to the screenshot below.
The rule sequence can be changed by clicking on Up and Down icons displayed in the last
column named “Move”. The rules are executed from top to bottom. In case of conflict in the
rules, the last rule will take precedence i.e. it will supersede the previous rule.
Before your start created New Rule for your Unibox you need to first define the Data rates
for your Traffic. Refer to the screenshot below for more details. More information and
significance of each parameter refer to the table followed by the screenshot.

Total Upload Total upload bandwidth rate available for
1 Yes
Rate implementing bandwidth control
2 Total Download Yes Total download rate available for implementing
Rate bandwidth control
Specify what percentage of available bandwidth
3 Low Data Rate Yes
should be allotted to low rate traffic
Average Data Specify what percentage of available bandwidth
4 Yes
Rate should be allotted to average or medium rate traffic
5 High Yes
should be allotted to a High rate traffic
6 Very High Yes
should be allotted to a Very High rate traffic
Once the data rates are defined, administrator can create a new bandwidth rule. To define a
bandwidth rule, Login as Admin with valid credentials and navigate to Bandwidth Control
section under Control Tab. Click on the “New Rule” available in your left pane. You now
need to configure parameter displayed to create a Rule. You also have an option to select
predefined ports or specify custom addresses and ports. When specifying custom settings,
you will have to select whether the rule applies to TCP or UDP traffic. Refer to the
screenshot below for creating a SIMPLE rule, also the table followed by the screenshot
provide information and significance of each parameter required to be configured for
creating Rule. In our example below we have applied Rule to the HTTP traffic towards WAN.
Since we have set the priority as “High”, HTTP traffic towards WAN will get 30% (in DATA
Rate definition we have configured High as 30%) of available bandwidth.

1 Rule Name Yes Enter the name of the rule
Select whether the rule applies to traffic from or to
2 Traffic Direction Yes
WAN port
Select "Simple" if you want to apply Rule on
3 Simple/Advanced Yes predefined Network Applications. If you want to
customize then use "Advance".
Select the Application from the dropdown list on
4 Application Yes
which the Rule should be applied.
Select the priority to apply to this rule. The
5 Priority Yes
bandwidth will be allotted based on the priority
Similarly you can create Rule using Advance configuration. You will have to configure
parameters as seen in the screenshot below. For more information and significance of each
parameter, refer to the table followed by screenshot. In the example below any traffic
getting generated on Port No. 80 of system with IP 10.10.10.16 to the remote system’s port
no. 80 which in WAN network with IP 108.106.99.16 will have priority AVG i.e. 10% (in DATA
Rate definition we have configured AVG as 10%) of the available bandwidth. If you don’t
specify IP in source destination then it applies for entire Network with a particular Port
number. Similarly if the Destination IP is not provided then rule gets applied to all outward
traffic towards WAN on a mentioned port number. If you don’t specify any of IP address or
Port numbers then Rule applies to all outward TCP traffic since we have selected protocol as
TCP. If you select UDP then all outward UDP traffic gets affected with the rule.

1 Rule Name Yes Enter the name of the rule
Select whether the rule applies to traffic from or to
2 Traffic Direction Yes
WAN port
Select whether to use predefined target for the rule
3 Simple/Advanced Yes
or specify custom one
4 Application Yes Select the application to which the rule will apply
5 Source IP No In case of advanced mode, enter the source IP for
the rule
In case of advanced mode, enter the destination IP
6 Destination IP No
for the rule
7 Source Port No Enter the port number of the source
8 Destination Port No Enter the port number of the destination
Select whether the custom rule will apply to TCP or
9 Protocol Yes
UDP traffic
Select the priority to apply to this rule. The
10 Priority Yes
bandwidth will be allotted based on the priority
To delete all the rules, you need to login as Admin with valid credential and navigate to the
Bandwidth Control section under Control Tab. Click on the “Delete All Rules” tab displayed
in your left pane and you will prompted for confirmation before deletion. Once confirmed
all the Rules get deleted. The bandwidth control will seize immediately if the rules are
deleted. Refer to the screenshot below for more details.
You can also delete a Single rule by navigating to Bandwidth control section under Control.
Click on the “List Rules” tab available in your left pane and select the Rule by clicking on the
“Rule Name”. Now you need to click on “Delete Rule” tab available in your left pane and
reconfirm the rule deletion when prompted. Refer to the screenshot below for more details.
Content Filtering (Selected Models)
Unibox provides a built-in content filtering module to block undesired content on the public
network. Content filtering allows the administrator to specify rules to restrict users from
downloading certain content from the Internet. To implement content filtering, first all the
websites are categorized into different domains or categories. The administrator can select
the categories to block on the network. All websites listed in the category/domain will get
blocked. If the user tries to browse to the blocked website, s/he will be redirected to
another URL that the administrator specifies in Unibox. Usually this URL will display a
warning message to the user indicating that the desired content is blocked and his action is
logged by the administrator. Giving appropriate message to the user will ensure that the
user will not attempt to visit the blocked content again in the future.
Before enabling content filtering, you need to enable the proxy service in Unibox. Login
Admin with Valid Credentials and navigate to “Caching / Proxy” section under Tools Tab.
Refer to screenshot below for more details.
You can now enable Content filtering, Login as Admin with Valid Credentials and navigate to
“Content Filtering” section under Control Tab. You need to specify the Redirect URL that
gets displayed to the user every-time the user browses to a blocked content. Administrator
can host this web page on their web server and show appropriate message to the user.
Refer to screenshot below for more details.
Once the content filtering service is enabled, administrator needs to select the domains
(categories) to block. You need to click on the “Manage Domain” tab available in your left
pane to see the domains available for content filtering. All available URLs on the Internet are
categorized in these domains. Unibox updates all these domains once in every month. They
are updated on every 1st day of month at 2:51:00 AM. Administrator can select one or more
domains to block. Refer to the screenshot below for more details.
It is also possible to define exceptions for the content filtering service i.e. administrator can
selectively allow certain URLs to be added or removed from the blocked list. For example, if
the administrator wants to block all social media websites but only allow facebook on the
network then he can remove the facebook from the blocked sites. Similarly if a website is
not categorized in the domain then administrator can selectively add the URL to the block
sites. Also if you want to block a particular site within the domain and not the entire
domain, you can do so by adding that site as an exception to the block list. Login as Admin
with valid credentials and navigate to “Content Filtering” section under Control Tab. Click on
the “Exceptions” tab available in your left pane to Add or remove the URL from the blocked
list.
The screenshot below explains how to add exceptions to the content filtering rules.
The screenshot below explains how to remove exceptions from the blocked list of content
filtering. Administrator can also define complete blocking of particular domain e.g. youtube
by specifying *.youtube.com. This will block all the subdomains associated with
youtube.com.
You can also delete multiple exceptions by selecting them and clicking on “Delete Selected”
button as seen in the screenshot above.
Traffic Analysis (Selected Models)
Note: Traffic analysis may slow down the performance of Unibox so it needs to be used sparingly.
Traffic analysis is used to detect users who are transferring certain type of traffic on the
network and alerting the administrator when that happens.
Today’s networks are increasingly becoming overloaded by high bandwidth application like
BitTorrents, online games, peer-to-peer applications, spam emails and other applications.
These applications hog significant portion of network bandwidth thus leaving the remaining
clients starved of bandwidth. This is especially true for public networks like wireless
hotspots.
Unibox provides you with “Traffic Analysis” Tool to solve this problem by perform non-
intrusive traffic analysis. Unlike classical traffic inspection tools, Unibox traffic analysis
engine tries to perform a light-weight inspection without hampering the performance or
speed of the network. However, any traffic inspection does impose additional load on the
CPU and will invariably reduce the performance of the network. So, traffic inspection needs
to be used sparingly and only when the administrator suspects that the network
performance is slowing because of unwanted traffic from Bit Torrent or P2P applications.
The traffic analysis service allows you to alert the administrator by email if any of the rules
matches the user’s traffic and he can then apply various usage restrictions as felt necessary.
The administrator needs to take the corrective action like blocking the user from the
network or warning the user.
To use traffic analysis, you first need to enable Traffic Analysis feature of Unibox.
Login as Admin with valid credentials and navigate to Traffic Analysis section under Control
Tab. You need to check the “Enable Traffic Analysis” checkbox and click on submit button to
save changes. Refer to the screenshot below for more details.
Traffic analysis runs every 3 minutes in the background once it is enabled. Analyzing traffic
data take significant CPU cycles and administrators will experience slowdown in Unibox
performance when traffic analysis is in progress. Please keep the traffic analysis module
usage minimal as possible if you have load on your network.
Once you have enable Traffic Analysis, you can now start adding rules for Traffic Analysis.
The rules are executed from top to bottom.
Login as Admin with valid credential and navigate to Traffic Analysis section under Control
Tab. Click on the Configuration tab seen in your left pane and you can then start configuring
your rule. So here is an example, let’s configure a rule to detect users playing Counter Strike
online game. Once you configure this rule, Unibox will start analyzing the Traffic and will
alert the administrator when any of the users start hogging the bandwidth by playing the
Counter Strike Game. Refer to the screenshot below for more details. For more information
and significance of each parameter refer to the table followed by screenshot.

1 Select Category Yes Select the category of the traffic.
Select one of the predefined rules otherwise select
2 Select Rule Yes
the custom rule
Enter the name of the rule. For predefined rules,
3 Rule Name Yes
the name is already entered.
Enter the protocol for the traffic that needs to be
4 Protocol Name No
scanned. Leave empty if it is not applicable
Enter the source IP address of the source. If this
5 Source IP No field is filled then the traffic from the particular IP
will be scanned against the traffic rules
6 Source Port No Enter the port number of the source.
Enter the destination IP address. If the field is filled
7 Destination IP No then the traffic to the destination will be scanned
against the traffic rules
Enter the port number of the destination. For many
Destination
8 No user applications the destination ports are well
Port
known and can be found on the Internet.
Currently only email action is allowed. If selected,
9 Action No enter the email address that will receive the
notifications from Unibox with any rule matches.
Let’s take one more example and configure the rule for detecting Bit Torrent Traffic on your
network. In this example we will try to put restrictions on user’s access once the rule is
detected. The administrator can configure the settings so that the user’s current session
settings are automatically changed when the rule matches. For example, the administrator
can automatically reduce the bandwidth of the user when Unibox detects that the user is
using Bit Torrent on the network. In our example the moment user is detected using
BitTorent he will get imposed with the restriction as shown in the example below. Refer to
Similarly Unibox administrator can keep on adding Rules to analyze particular Traffic on his
network and take corrective actions when the Rule gets detected. Once the rules are added,
they are listed one below the other as shown in the screenshot below. Unibox will execute
these rules one by one.
To delete an existing rule, click on the delete button displayed in the rightmost column, as
seen in the screenshot above.
Unibox also provide you with the report on all the traffic captured based on the Traffic
Analysis rules. As seen in the screen shot below you can see the Rules detected versus
Users.
You can also search through reports either by Username, Rule or Days. Refer to the
Billing
UniBox comes integrated with a comprehensive billing module that allows administrator to
setup billing plans or generate prepaid codes. The billing module can be easily integrated
with the internal portal pages to provide online registration option to the end users. UniBox
currently supports authorize.net and PayPal.std payment gateway. New payment gateway
support will be added in the future revisions.
To charge end users using credit cards, administrator needs to define billing plans and
configure the payment gateway details. If the administrator plans to use payment gateway
like authorize.net then s/he needs to setup the merchant account with the payment
gateway. The details of the merchant account are entered in the Unibox. When the user
registers for a new account, Unibox passes the credit card details to the payment gateway
for processing. If the card is charged successfully, the user’s account is created in subscriber
table and user is given access based on the billing plans he selects.
Similarly, administrator can create different types of prepaid (access) codes in Unibox. These
prepaid codes are exported and can be printed on business card sized paper for distribution.
The end user can enter the prepaid code on the portal page and gain access to the network
(Internet) for the allotted time.
Billing Configuration
Administrator need to define some basic settings for billing module. Login as Admin with
valid credentials and navigate to Admin section under Billing Tab. Click on “Billing
Configuration” tab in your left pane and complete the configuration for various parameters
as seen in the screenshot below. For more information and significance of each parameter
refer to the table followed by screenshot.
Enter the email address from where the billing
From Billing
1 Yes notifications are sent. Normally this will be your
Email
Billing Departments email ID.
Manager Enter Manager’s Name who is managing your
2 No
Name Hotspot
Manager Enter Manager’s Phone who is managing your

3 No
Phone Hotspot
If checked, new user registrations are notified to
Notify
4 No the configured email addresses. This is normally
Registrations
your Unibox Administration Team Email ID.
Enter comma separate email addresses that will
New
receive the notification emails. It sends
5 Registration No
notifications to all email ids mentioned here
Emails
upon successful new Registration.
Daily Signup Enter comma separate email addresses that will
6 No
Emails receive the summary email of daily signups
Select the email template that will be used for
Signup Receipt
7 No sending Signup email to the end user when the
Template
registration is complete.
Payment Gateway Configuration

The payment gateway is used to process credit card payments of end users. Unibox
currently supports Authorize.Net and Paypal.std payment gateways. For Authorize.Net,
Administrator needs to first setup a merchant account with a bank for credit card
processing. Once the merchant account is setup, he needs to setup an authorize.net
account and configure it for API access.
Authorize.Net provides API username and transaction key (password) for accessing the
credit card payment services. This information is configured under this section.
Login as Admin with valid credentials and navigate to Admin section under Billing Tab. Click
on “Payment Gateway Configuration” tab displayed in your left pane and configure various
parameters like Merchant ID and PIN Code as seen in the screenshot below.
During Gateway Configuration you also configure your Unibox in Test Mode as seen in the
screenshot above. If you check “Test Mode” then this will help you to verify your Gateway
Configuration. Entire Payment process happens as usual but actual money transfer doesn’t
take place. So this helps you to configure your Unibox in best possible way. Once you are
satisfied and have ensured that Gateway Configuration works perfectly then you can
uncheck the “Test Mode” to enable real time operations.
Similarly you can also configure the Payment gateways as PAYPAL by selecting PayPal.Std
from the dropdown list displayed for “Select Payment Gateway”. Once you select PayPal as
your payment Gateway, you also need to provide PayPal ID and Currency in which you are
going to operate. Refer to the screenshot below for more details.
SMS Gateway Configuration
You can also configure your UNIBOX for using SMS Gateways. Once your Unibox is
configured for SMS Gateway, it will help end user to register and signup using his mobile
number. End user register’s using his Mobile number and SMS gateway will send him auto
generated code on his mobile via SMS. End user can then login to Unibox using this code
just like prepaid codes.
Login as Admin with valid credential and navigate to Admin section under Billing Tab. Click
on the “SMS Gateway Configuration” tab displayed in your left and configure various
parameters for SMS Gateway. Following example shows configuring “Gupshup Enterprise”
as your SMS Gateway. You need to enter valid values for parameters like API
Username/Password, SMS Template and Gupshup Template. You also have a choice to use
SMS Template provided by Unibox. Refer to the screenshot below for more information.
Unibox also support SMSGatewayHub as SMS Gateway. Configure SMSGatewayHub as
shown in the screenshot below. You need to provide valid API Username and Password.
Plans
Administrator needs to define billing plans in Unibox before charging the end users. These
billing plans are displayed on the login portal. The end user selects one of the plans and then
makes the payment online using his/her credit card.
Unibox offers three different types of billing plans –

Fixed Time Plan
The time period in this plan is fixed and the plan gets activated as soon as it gets created.
The user needs to use the service during the defined time period. Once end user starts using
this plan, it gets expired after the defined period in the plan irrespective of his usage time
and user is no longer allowed to browse internet.
Time Usage Plan
In this plan, the end user purchases certain amount of time that needs to be used within the
validity period mentioned in the plan. The end user is free to use the time period as he
desires but the total online time can’t exceed the amount of time mentioned in the Plan. In
addition, if the amount of time is not utilized within the validity period, the plan expires
irrespective of his usage time.
Bandwidth Usage Plan
The end user purchases an amount of bandwidth that needs to be utilized within the given
time period (validity period). The end user is free to utilize the bandwidth as he desires but
the total bandwidth can’t exceed the allotted bandwidth. If the bandwidth is not utilized
within the validity period, the plan expires and user is no longer allowed to browse internet.
List Plans
To view the list of all plans defined in Unibox, click the List Plans option. Unibox displays the
plan ID along with the details of the plan. The plan ID is useful to configure the plans on
external portal pages.
The plan ID needs to be passed along with the user details while creating a new account.
Unibox uses the Plan ID to determine the amount to charge the user and the duration of the
plan.
Login as Admin with valid credentials and navigate to Plans section under Billing Tab. Click
on the “List Plan” tab available in your left pane to see the list of existing plans in your
Unibox. Refer to the screenshot below for more details.
New Plans
You can also create new plans in Unibox based on your requirement and users demand. You
need to login as Admin with valid credentials and navigate to Plans section under Billing Tab.
Click on “New Plan” tab available in your left pane and configure various parameters to
create a Plan. As already mentioned, Unibox allows you to create three different types of
plan. Example below shows how to create Fixed Time Plan. Refer to screenshot below for
more details. For more information on each parameter and its significance, refer to the
table followed by screenshot.
Select Plan
1 Yes Select Fixed Time Plan from the drop down list.
Type
Enter the name of the billing plan. Recommended
2 Plan Name Yes convention is to use the duration of plan with
amount. E.g. One day 5 USD
Enter the amount to charge for the plan. Floating
3 Plan Fee Yes
numbers are also allowed.
The users selecting this plan will be assigned to
4 User Group Yes
the selected user group
Select the time unit from the dropdown list and
5 Time Period Yes
enter time period accordingly.
6 Description No Short description of the Plan.
Enter the upload bandwidth rate for the plan. This
7 Upload Speed No
field is Optional.
Download Enter the download bandwidth rate for the plan.
8 No
Speed This field is Optional
Similarly you can create Time Usage Plan, refer to the screenshot below. For more
information and significance of each parameter, refer to table followed by the screenshot.
Select Plan
1 Yes Select Time Usage Plan from the drop down list.
Type
Enter the name of the billing plan. Recommended
2 Plan Name Yes convention is to use the duration of plan with
amount. E.g. One day 5 USD
3 Plan Fee (USD) Yes
The users selecting this plan will be assigned to the
4 User Group Yes
User Group selected here from the drop list.
Enter the amount of time period allotted to the
5 Usage Time Yes plan. The plan will expire after the user uses the
given chunk of time.
Enter the time period for validity of the plan. The
6 Validity No plan will expire after the validity period irrespective
of the remaining usage time.
6 Description No Short description of the plan
Enter the upload bandwidth rate for the plan. This
7 Upload Speed No
field is Optional.
Download Enter the download bandwidth rate for the plan.
8 No
Speed This field is Optional.
You can also create Bandwidth Usage Plan, refer to the screenshot below. For more
information and significance of each parameter, refer to table followed by the screenshot.
1 Select Plan Type Yes Select Bandwidth Usage Plan
2 Plan Name Yes Enter the name of the billing plan.
3 Plan Fee Yes
The users selecting this plan will be assigned to the
4 User Group Yes
selected user group
Enter the amount of total bandwidth allotted to the
5 Bandwidth Limit Yes plan. Total bandwidth will include upload and
download bandwidth.
Enter the time period for validity of the plan. The plan
6 Validity No will expire after the validity period irrespective of the
remaining usage time.
6 Description No Short description of the plan
Enter the upload bandwidth rate for the plan. This field
7 Upload Speed No
is Optional.
Download Enter the download bandwidth rate for the plan. This
8 No
Speed field is Optional.
In case if a particular plan is no longer used, you can remove that plan from Unibox. Login as
Admin with valid credentials and navigate to Plans section under Billing Tab. Click on the
“List Plan” tab available in your left pane and select the plan you want to delete by clicking
on its “Plan Name”. Click on the “Delete Plan”, now seen in your left pane to delete this
plan, plan gets deleted once you confirm when prompted to delete the plan. Refer to the
Prepaid
Prepaid or access codes are random 10-digit numbers generated by Unibox that function as
username during the authentication process. These codes are generally created in a batch
and then distributed to users one-by-one. The administrator can either sell the codes (for a
fee) or give them complimentary.
The user enters the code on the login page and gets access to the Internet. Each code has
certain restrictions and these govern the length of the session or bandwidth allotted to the
session. Administrator usually apply the restrictions to the whole batch so all the codes
under the batch will get the same restrictions. For example, 1 hour code will provide
Internet connectivity to the user for 1 hour. Administrator can also specify the bandwidth
rates, number of clients and concurrency restrictions.
Each code can have a fee. The fee may be collected by the administrator while dispensing
the code to the user. The codes generally get activated when they are used for the first
time. The restrictions will take effect once the code is activated.
Administrator can export the batch of codes in PDF or Excel format. In PDF format, the
codes are presented on an A-4 sized paper so they can easily print for distribution. When
exported in Excel format, the codes can be sent to a professional printer for converting into
branded prepaid cards.
List Prepaid Batch

You can see the list of existing Prepaid code batches on Unibox by logging in as Admin with
valid credentials and navigating to Prepaid section under Billing Tab. Refer to the screenshot
below for more details.
If the prepaid code batch list is too long you can also search a particular batch by providing
various search parameters like Date Used (Equal to, Greater than or Smaller than), whether
it is Active code or not, Prepaid Number or the MAC Address from where the code was
used. See screenshot below for more details.
New Prepaid Batch

You can create a Prepaid batches with four different offerings such as Prepaid batch with
Fixed time, Fixed Time with Validity, in number of Days and Bandwidth usage with validity.
We will go through each example and see how to create batches based on our
requirements.
To create a new prepaid batch having Fixed Time, login as Admin with valid credentials and
navigate to Prepaid section under Billing Tab. Click on the “New Prepaid Batch” tab available
in your left pane and configure various parameters as seen in the screenshot below. End
user using the code from this batch is allowed to use internet for 2 hours from his code
activation time. Code gets expired within 2 hours from activation irrespective of his usage
time. For more information and significance of each parameter, refer to the table followed
by screenshot.

Number of Enter the number of access codes to generate in the
1 Yes
Codes batch
Prepaid Batch Enter the name of the batch so it can be easily
2 Yes
Name identified from the list.
Total Amount
3 (Per Code Yes Enter the amount (fee) for each code.
Amount)
4 Upload Speed No The upload bandwidth rate to assign to each code.
Download The download bandwidth rate to assign to each
5 No
Speed code.
Enter the number of sessions to allow using the code
6 Sessions No before the code becomes invalid. Keep blank for no
restriction.
Enter the total number of clients that can use the
7 Clients No
code. Keep blank for no restriction.
Select whether you apply time or bandwidth
8 Restrictions Yes
restrictions
For time restriction, enter the time period for which
9 Valid For No the code will remain valid. The duration starts
counting down from the code activation time.
For time restriction, enter the amount of time the
10 Use For No code is valid (e.g. 5 hours) along with the validity
period.
Enter the dates between which the prepaid codes
11 Between No
will be valid.
Enter the amount of total bandwidth allotted to each
Bandwidth
12 No prepaid code and the validity period for the code
Usage
once the code becomes active.
To create new prepaid batch having Fixed Time with validity, login as Admin with valid
credentials and navigate to Prepaid section under Billing Tab. Click on the “New Prepaid
Batch” tab available in your left pane and configure various parameters as seen in the
screenshot below. End user using the code from this batch is allowed to use internet for 2
hours. Code gets expired after 2 days which is his validity period or after his usage time of 2
hours whichever is earlier. For more information and significance of each parameter, refer
to the table followed by screenshot.
To create new prepaid batch with number of day’s usage, login as Admin with valid
screenshot below. End user using the code from this batch is allowed to use internet on
specific 2 days i.e. starting on 23 Apr 2013 to 24 April 2013. Code gets activated on 23 rd April
24, 2013 and expires after 24th Apr 2013. User is no longer allowed to browse internet on
25th of April 2013 neither before 23rd April 2013. For more information and significance of
each parameter, refer to the table followed by screenshot.
To create new prepaid Bandwidth usage batch with validity, login as Admin with valid
screenshot below. End user using the code from this batch is allowed to use internet till his
Bandwidth limit of 100GB is reached but with validity period as 7 days. Code gets expired
after 7 days which is his validity period or after his Bandwidth limit of 100 GB is reached
whichever is earlier. For more information and significance of each parameter, refer to the
table followed by screenshot.
Administrators can also view all the BYOD devices associated with the prepaid codes. If the auto
MAC capture is enabled for the user group associated with the prepaid codes, UniBox will capture
the user’s MAC address and store them for automatically login.
The table will display all the BYOD devices associated with the prepaid codes in the given batch. It
will display the Prepaid code, MAC address and Framed IP address for each BYOD entry.
Administrator can also edit or delete multiple BYOD devices using the Edit All BYOD option.
Customize Prepaid Design

You can customize your Prepaid code design to look much better and it has your
Organization’s Logo and your own special background. Login as Admin with valid credentials
and navigate to Prepaid section under Billing Tab. Click on “Customize Prepaid Design” tab
available in your left pane and configure various parameters as seen in the screenshot
below.
Administrator can export the list of prepaid codes for printing or distribution. Unibox can
export codes in two formats –
1. CSV or Excel format: All code information is exported in Excel sheet.

2. PDF format: The code information is inserted in a business card style layout with
company logo
Click on the desired format to export the prepaid codes. In case of excel format, the
codes information is displayed on each row along with the price of the code, time or
bandwidth restrictions. The administrator can send the excel file to the printer for
printing the codes.
For PDF format, the codes are printed on an A4 sized paper. Each code is printed in a
business card sized format which contains the code, restrictions, company name, logo
and footer. The same codes are as shown below.
For PDF format, the codes are printed on an A4 sized paper. Each code is printed in a
business card sized format which contains the code, restrictions, company name, logo and
footer. The same codes are shown below.
Administrator can upload the Header, footer and company logo under the “customize
prepaid” section as already discussed above. The footer and header can’t exceed more than
80 characters. The logo should be in JPG or GIF format. Additionally the administrator can
also upload the background for the code.
If you want to expire entire batch, you can do so by clicking on the Batch Name displayed in
the Prepaid Batch List. Click on the “Expire Prepaid Batch” tab available in your left, once
you confirm the expiry once prompted as seen in the screenshot below, entire batch gets
expired.
Similarly If you want to delete the entire batch, you can do so by clicking on the Batch Name
displayed in the Prepaid Batch List. Click on the “Delete Prepaid Batch” tab available in your
left, once you confirm the deletion once prompted as seen in the screenshot below, entire
batch gets deleted. Please note you can only delete Expired Batches, on the other hand you
can Expire the batch first and then delete it.
Just like you were able to manage Prepaid Batch, you can also view Prepaid Code details,
Prepaid Code accounting, Export Prepaid Code Usage and get agent and auth history for a
particular code in a prepaid batch. You can see this options available in your left pane when
click on “List Prepaid Code” icon for a particular batch displayed in the prepaid batch list.
Login as Admin with valid credential and navigate to Prepaid section under Billing Tab. Click
on the Prepaid Batch name displayed in the list of Prepaid batches. You will the list of
prepaid code created under that batch. See screenshot below.
Unibox provides you with the search facility if you are looking for a specific Prepaid code.
You can search Prepaid codes by Date Used (This can be Equal to or greater than or smaller
than), active prepaid codes, Prepaid code number and Mac address of the system using
prepaid code. You can use one or more parameter to get desired list of prepaid code. Refer
Search by prepaid code number:
Search active prepaid codes:
Similarly you can also use date and MAC address parameters for searching a particular
Prepaid code or codes.
You can now click on any of the prepaid codes displayed in the list to see the prepaid code
details. Refer to the screenshot below.
You can also test the prepaid code login by Clicking on the “Test Prepaid Code Login” tab.
You can add BYOD devices for individual prepaid code to allow user’s devices to login
automatically on the network. To add new BYOD device, click on the “Add BYOD” option.
Similarly you can edit or list the BYOD devices associated with the prepaid code.
Once you are in Prepaid Code details, you can view Prepaid code accounting details buy
clicking on “Prepaid Accounting” tab available in your left pane. Refer to screenshot below
for more details.
You can export Prepaid code details into PDF or CSV format by clicking on the “Export
Prepaid Code” tab available in your left pane in Prepaid Code details page. Refer to the
To get the Agent and authorization history for a particular code you need to click on “Agent
And Auth History” tab available in your left pane. Refer to the screenshot below for more
details.
Transactions
To view the list of all credit card transactions, click on the Transaction section. Each row
displays the username, transaction ID, the status of the transaction, amount and the date of
the transaction. UniBox logs both the approved and declined transactions. Please note that
the credit card or PayPal module needs to be enabled for the transactions to work correctly.
Administrator can view the details of the transaction by clicking on the username field.
If the transaction list is too big, Unibox provides you with the search facility to look for a
particular transaction or transactions. You can search transactions using the Transaction
Date (this can used with Equal to, Great than or Smaller than signs) or Full Name or
Transaction Status or Billing Plan. You can also use more than one parameter for searching
your desired transactions.
Administrator can also export the list of transaction for the selected dates. The transactions
are exported in comma-separated values (CSV) format so they can be easily viewed in an
Excel file.
Email Templates
Email templates are canned email messages that are defined in Unibox. These email
templates are sent to the administrator or to the end user. For example, registration emails
can be defined in this section. If administrator configures the billing module with the
registration template, the end user will receive the canned email message.
Email templates have placeholders. These placeholders are substituted by actual values
when the email gets sent out. For example, <<FirstName>> will get substituted by the user’s
first name when the registration template is sent out.
List Email Tempates

You can get the list of existing template by logging in as Admin with valid credentials and
navigating to Email Template section under Billing Tab. Click on the “List Email Templates”
tab seen in your left pane and it will show you the list of all available Email Templates. Refer
New Email Templates
If you want to add new email template then you need to login as Admin with valid
credentials and navigate to Email Templates section under Billing Tab. Click on “New Email
Template” tab seen in your left pane and configure various parameters as seen in the
screenshot below with valid values. For more details and significance of each parameters
refer to the table followed by screenshot.
No Placeholder Description
1 FirstName First name of the user
2 LastName Surname or last name of the user
3 FullName First name and last name of the user
4 UserName Username of the user
5 ShortUserName Username without the realm
6 Password User’s password
7 Email Email address of the user
8 DateTime The date and time when the email was sent
9 TotalAmount The amount charged to the user
10 SiteName Location name of the hotspot
11 PlanName Name of the plan for the user.
If you want to delete email template then you need to login as Admin with valid credentials
and navigate to Email Templates section under Billing Tab. Select the template to be deleted
from the Email Template list by clicking on “Email Template Name”. You can now click on
the “Delete Template” tab seen in your left pane and once you confirm deletion when
prompted template gets deleted. Refer to the screenshot below.
Reporting
Unibox provides extensive Reports on Online Users, Usage, Revenue, Billing, Network
Monitoring, System status, User Agents and SMS Reports. Administrators can view these
reports in tabular or graphical format with various configurable parameters to get the
desired customized Reports.
Online Users
Unibox allows you to view the list of online users at a given instance. Login as Admin with
valid credentials and navigate to Online Users section under Reports Tab. Click on the
“Online Users” tab available in your left pane. You will see the list of Online Users. Each row
displays username, IP address of the client, MAC address of the client, online duration, idle
duration, bandwidth used – uploaded and downloaded, and bandwidth rate – upload rate
and download rate and button for disconnecting the user.
The data in the table gets refreshed in real-time i.e. the bandwidth rate, usage and online
time changes on each refresh. Moreover you as an Admin can logout any of the Online
Users by clicking on the Logout button displayed in the last column against each User.
Unibox also provides you with the search facility in case you are looking for particular users.
You can search users by their usernames or IP address or MAC addresses. Refer to the
Usage
Unibox provide you with the Usage summary and Usage Graphs in this section. Usage
Summary provides you with various Usage Reports whereas in Usage Graphs you can view
the graphical presentation of real time Bandwidth usage by the Online Users. We will
discuss both Usage Summary and Usage Graphs in details in the following sections.
Usage Summary
These Reports display the usage summary over the selected period of Time. Administrator
can view various reports such as Total Session versus Time, No of session versus Day of
Week, No of session versus Hour of Day, Bandwidth usage versus Time and Top Users.
In our example below we have shown how you can get report from 1st of July 2013 to 10th of
July 2013. Login as Admin with valid credentials and navigate to Usage Summary section
under Reports Tab. Click on “Usage Summary” tab available in your left pane. Select report
Type as “Total Session Vs Time” from the drop down list, provide time interval as starting
and ending dates, Time unit either in day, week, month or year and choose the display type
as Tabular (You can select graphical report if you would like to see reports as graphs). After
clicking on the Submit button you see the report listed below in a Tabular format. Refer to
the screenshot below for more details. To get more information and significance of each
report type, refer to table followed by the screenshot. Please note the report can display
only 7 units at a time so if the administrator selects a large date range then he needs to
adjust the time unit to higher value.
No Placeholder Description
Displays the number of sessions over the given
1 Total Sessions Vs Time
period of Time.
Number of Sessions Vs Day of Displays the number of sessions for each day of
2
Week the week over the given period of Time.
Number of Sessions Vs Hour of Displays the number of sessions for each hour of
3
Day the day over the given period of Time.
Displays total bandwidth usage through Unibox
4 Bandwidth Usage Vs Time
over given time period.
Displays the users in descending order according
5 Top Users
to their bandwidth usage.
Similarly, administrator can also choose to view reports in graphical format. The values are
displayed in a histogram as seen in the screenshot below.
You can also create Reports for Total Sessions Vs Time for a Week or Month or even a Year
by using Data Unit as Week or Month or Year. Below are some of the examples on getting
these reports. Refer to the screenshots below for more details.
Administrator is also made available with another Report type “Number of Session Vs Day of
Week” just like the one Total Session Vs Time as explained above. You need to choose
Report Type as “Number of Session Vs Day of Week”, Time interval with start date say for
e.g. as 1st July 2013 and end date as 10th July 2013 and the Display Type as “Tabular”. Report
will generate accordingly and will be as seen in the screenshot below. Here Time Unit
becomes invalid and is not available for use.
Further to this Administrator can look into another Report type “Number of Session Vs Hour
of Day” just like the one Number of Sessions Vs Day of Week as explained above. You need
to choose Report Type as “Number of Session Vs Hour of Day”, Time interval with start date
say for e.g. as 1st July 2013 and end date as 10th July 2013 and the Display Type as “Tabular”.
Report will generate accordingly and will be as seen in the screenshot below. Here Time
Unit becomes invalid and is not available for use.
Another Report type Unibox provides you with is “Bandwidth Usage Vs Time”. You need to
choose Report Type as “Bandwidth Usage Vs Time”, Time interval with start date say for e.g.
as 1st July 2013 and end date as 10th July 2013, Time Unit as Day and the Display Type as
“Tabular”. Report will be generated accordingly and will be as seen in the screenshot below.
Similarly you can have the same report on Weekly or Monthly or Yearly basis as seen in the
screenshots below.
Further Administrator has one more Report type “Top Users”. You need to choose Report
Type as “Top Users”, Time Unit as Day and the Display Type as “Tabular”. You will get the list
of User in descending order based on the top usage. Report will be generated accordingly
and will be as seen in the screenshot below.
Similarly you can choose to have reports for different Time Unit as Week, Month or Year. Reports
will be generated accordingly. Refer to the screenshots below for more details.
Usage Graphs
UniBox is designed to keep a real-time log of last 24 hours of bandwidth usage and user
count. This data is used to plot a running graph of the bandwidth use and online users.
These graphs help the administrator to view the load on the network for a 24 hour period.
The graph below displays the bandwidth used at a hotspot. The red values indicate the
downloaded bytes and blue indicates the uploaded bandwidth. UniBox samples the upload
and download values in 15 minutes interval.
UniBox provides a unique feature to track the bandwidth available from the ISP over last 24
hours. UniBox is programmed to sample the ISP bandwidth every hour and log the available
upload and download rate. This information is used to plot a line graph as shown.
This report allows administrator to keep check on the available ISP bandwidth and cross
check whether they are getting the bandwidth from the ISP as per their contract.
In addition, UniBox also periodically performs a speed test with the nearest peer for
calculating the real bandwidth available to the users. This result is summarized in the ISP
bandwidth usage section. The residual bandwidth (upload/download) calculates the
remaining bandwidth available to the remaining users, while the local bandwidth
(upload/download) provides the currently used bandwidth. The total ISP bandwidth usually
is the addition of residual and local bandwidth.
The image below displays a running graph of the downloaded and uploaded packets.
UniBox also track number of online users each 15 minutes and plots a line graph over a 24
hour period. This graph helps the administrator find out the load on the network and map it
to the bandwidth usage.
Billing Reports
This section provides you with various Billing Reports over the selected time period.
Administrator can view various reports such as Revenue Report, Revenue by Plan, Prepaid
Usage Reports and Signup summary.
Login as Admin with valid credentials and navigate to Billing section under Report Tab. Click
on the “List Billing Reports” tab available in your left pane. You will see the various report
types Unibox maintains. Refer to the screenshot below for more detail. We will go through
in details of each report types in the following sections.
Revenue Reports
You can choose to view Revenue Reports by clicking on “Revenue Report” displayed in list of Billing
Reports. In our example below we are creating a Report of Prepaid Revenue from 1 st July 2013 to
10th July 2013.
Login as Admin with valid credentials and navigate to Billing Section under Reports Tab. Click on the
“Revenue Reports” tab displayed in your left pane. Select Report type as “Prepaid Revenue”; enter
Time Interval as required, Time unit as Day and Display Type as “Tabular Report”. You will see the
Prepaid Revenue Report as shown in the screenshot below.
Similarly you can get the report of “Prepaid Revenue” for week, Month and Year. Refer to the
screenshots below.
You also have an option to choose Report type as Credit card Revenue. In the example below we are
looking for revenue report for Credit card from 1st July 2013 to 10th July 2013.
“Revenue Reports” tab displayed in your left pane. Select Report type as “Credit Card Revenue”;
enter Time Interval as required, Time unit as Day and Display Type as “Tabular Report”. You will see
the Credit Card Revenue Report as shown in the screenshot below.
Similarly you can also get the credit card revenue report for a particular Week or Month or a Year.
Finally you also have an option to choose Report type as “Total Revenue” and get the report for a
particular period. In our example below we are looking for Total Revenue from 1st July 2013 to 10th
July 2013.
“Revenue Reports” tab displayed in your left pane. Select Report type as “Total Revenue”; enter
Time Interval as required, Time unit as Day and Display Type as “Tabular Report”. You will see the
Prepaid Revenue Report as shown in the screenshot below.
Similarly you can also get the “Total Revenue” Report for Week or Month or Year. You need to select
Time Unit accordingly. Refer to the screenshots below for more details.
Revenue by Plan
Unibox provide you with the Reports on Revenue by Plans. You can choose to view Revenue by plan
by clicking on “Revenue by Plan” displayed in list of Billing Reports. In our example below we are
creating a Report of Revenue by plan from 1st July 2013 to 10th July 2013.
“Revenue by Plan” tab displayed in your left pane. Select Time Interval as required, Time unit as Day
and Select Plan Type. In our example below we are looking for all plans revenue, so we select “Plan”
as “ALL”. Click on the “Display Report: button and you will see the Revenue by Plan Report as shown
in the screenshot below.
Similarly you can also view the reports for an individual plan for a particular period in Week or
Months or Years. Refer to the screenshots below for more details.
Prepaid Usage Report
You can choose to view Prepaid Usage Reports by clicking on “Prepaid Usage Report” displayed in
list of Billing Reports. In our example below we are creating a Prepaid Usage Report from 1 st July
2013 to 10th July 2013.
“Prepaid Usage Reports” tab displayed in your left pane. Select Report type as “Prepaid Users Vs
Time”; enter Time Interval as required, Time unit as Day and Display Type as “Tabular Report”. You
will see the Prepaid Revenue Report as shown in the screenshot below.
Similarly you can view Prepaid usage reports for a Week, Month or Year by selecting the Time unit
appropriately. Refer to the screenshots below for more details.
You can also view Prepaid session Vs Time Report by selecting the Report Type as “Prepaid Session
Vs Time”. In our example below we are creating a report for Prepaid sessions from 1 st July 2013 to
10th July 2013.
“Prepaid Usage Reports” tab displayed in your left pane. Select Report type as “Prepaid Session Vs
will see the Prepaid Session Report as shown in the screenshot below.
Similarly you can view the Prepaid Session Report for a Week or Month or Year by selecting Time
Unit appropriately. Refer to the screenshots below for more details.
You can also view Total Time Used Vs Time Report by selecting the Report Type as “Total Time Used
Vs Time”. In our example below we are creating a report for Total Time Used from 1 st July 2013 to
10th July 2013.
“Prepaid Usage Reports” tab displayed in your left pane. Select Report type as “Total Time Used Vs
will see the Total Time Used Report as shown in the screenshot below.
You can similarly view the Total Time used report for a Week or Month or Year by selecting Time
Unit appropriately. Refer to the screenshots below for more details.
Signup Summary
You can choose to view Signup Summary Reports by clicking on “Signup Summary Report” displayed
in list of Billing Reports. In our example below we are creating a Signup Summary Report from 1 st
July 2013 to 10th July 2013.
“Signup Summary Reports” tab displayed in your left pane. Enter Time Interval as required, Time unit
as “Day” and Plan Type as “All” to see Signup Summary Report for All Plans. You will see the Signup
Summary Report as shown in the screenshot below.
You can also view Report for Signup Summary for a Particular Plan and for a Week or Month or Year
by selecting Time Unit appropriately. Refer to the screenshots below for more details.
System Reports
DHCP Leases
Administrators can view the DHCP leases assigned to clients on the network using the DHCP
lease report. Please note that this report will take some time to load depending on the
number of clients connected to the network.
Each row displays the MAC address, assigned IP address, whether the user is online and the
lease time of the client.
Port Connections
Administrator can view the list of open ports using the Port Connection report. The table
displays the connected computers on the network on each row. The IP address can be
expanded to view the opened ports. Each port is displayed with source port, destination IP
address, destination port, protocol and the state of the port.
This report can be used to find out the clients who might be using file sharing software or
the ones that have virus. In both cases, the client opens numerous ports to the remote
destinations either to download the files or launch virus attacks on the other computers. To
refresh the list of ports, click on the Refresh button.
The network interface report displays the current status of all the available ports on UniBox.
Each row displays the name of the interface (port), transmitted and received packets. It also
displays the number of packets dropped or transmitted in error.
If there are too many dropped or error packets, it indicates connectivity problems in the
network.
ARP Report
ARP (Address Resolution Protocol) report displays the list of clients connected to the
network. Please note that UniBox takes some time to perform an ARP scan on the network.
If the number of clients is large, it may take several minutes for generating the report.
Each row displays the IP address of the client, MAC address and the Vendor the wireless or
wired adapter.
System Usage
These reports display the health of UniBox over a 24 hour period. Administrators can check
these report if there is a problem in the performance of UniBox.
The CPU usage report displays the percentage of CPU used over a 24 hour period. UniBox
samples the CPU usage every 15 minutes and plots a line graph as shown below.
The memory usage graph displays the memory used by UniBox over a 24 hour period. A
consistent high usage of memory may indicate heavy load on UniBox and may affect the
network performance.
Lastly the port usage graph displays the total number of port opened on the UniBox over a
24 hour period. This report will help the administrator pin point the time when there was
heavy usage of the network and when users may be using file sharing or other programs
that require large number of open ports.
System Information
This report displays the system information along with the status of the services running in
UniBox. If any service is not running, cross will appear next to the process. Some processes
may be optional and will only run when certain features are enabled in the UniBox.
This report also provides hardware information like the processor details, MAC addresses of
the Ethernet and wireless ports and other information necessary for the network
administrator.
Monitoring
Monitoring report displays the list of all monitored devices in the network. Administrator can
configure the network devices like access points, camera, POS terminals and other devices for
monitoring.
User Agent
The user agent reports shows type of devices (smart phones, tablets, laptops) users use on the
network. This report is shown as a pie chart where each pie represents the type of operating system
or device used by the users.
The same data is also shown as a bar chart so administrators can get approximate count for each
device or browser used.
Tools
Diagnostic Tools
Unibox provide debugging tools to diagnose network and other configuration problems.
These tools will be used to troubleshoot connectivity issues, understand the Path to the
destination, perform IP scan to know active IP’s on the network and capture packets on the
network to understand Network Traffic.
List Diagnostic Tools

Login as Admin with valid credentials and navigate to Diagnostic Tools sections under Tools
Tab. Click on “List Diagnostic Tools” tab available in your left pane to see the list of
diagnostic tools. Refer to the screenshot below for more details. Brief description of each
tool is given in the table followed screenshot.
No Tool Name Description

Use the tool to ping to a remote host. It accepts both IP
1 Ping
address and domain name
2 Traceroute Find the route from the Unibox to a remote host.
Scan the network for available clients using the IP
3 IP Scan
address
4 Network Trace Run packet capturing to troubleshoot network issues
Forcefully authenticate the user to enable him to login
5 Force Authenticate automatically without showing him the portal page.
Applicable only for local authentication mode.
Ping
Ping tool allows administrator to test connectivity to a remote host. Unibox sends ICMP
packets to the remote host and waits for the result. Enter the IP address or domain name of
the remote host. If the host is not accessible, it displays ping failed or remote host not
reachable message.
Once you are in Diagnostic Tools section, Click on the “Ping” tab displayed in left pane to
access PING tools. You can now enter either the Hostname or IP address of the system
whose connectivity needs to be checked. If the packets you are sending makes the round
trip that means the connectivity to the host is available. Refer to the screenshot below for
more details.
Pinging to the IP Address:
Pinging to the Host Name:
Trace Route
Traceroute allows administrator to find the paths or hops to a remote host. This tool is used
to find the route and figure out the network leg that has connectivity problems. To find the
route, enter the IP address or domain name of the remote host.
Login as admin with valid credentials and navigate to the Diagnostic Tools section under
Tools Tab. Click on “Trace Route” tab available in your left pane to access Trace Route tool.
Trace Route to a Domain Name:
Trace Route to an IP Address:
IPScan
IP scan is used to find active clients in the network. Usually it runs on the private (LAN)
network of Unibox. It starts scanning the network for live clients that falls between the
given range specified by the administrator. All the live clients are displayed in the result
table.
To specify the range enter the 4 octets numbers in case of a class C IP address Network. You
need to specify start and end IP address.
Login as Admin with valid credentials and navigate to Diagnostic Tools section under Tools
Tab. Click on the “IPScan” tab available in your left pane to access the IPScan Tool. Enter the
range in which you would like to perform IPScan. Refer to the screenshot below for more
details.
Network Trace
UniBox offers a tool to capture the packets on the given port for a given time period. This
tool is useful in inspecting the information going through the port to troubleshoot the
problems.
Please note that network trace may result in a large file on a busy network so be careful and
ensure that you enter right parameters and filters. The file is stored on UniBox and
downloaded by the administrator (downloaded file is in PCAP format and you need to have
supported tool to view PCAP files) for viewing in other tools like wireshark.
Login as Admin with valid crendentials and navigate to Diagnostic Tools section under Tools
Tab. Click on the “Network Trace” tab available in your left pane to access the tool. Enter
value for the parameters shown and start the Trace by clicking on “Start Trace” button.
Refer to the screenshot below for more details. To know more about Filters click on the
“Click here” link seen below the Filters Text Box.
The buttons are used to begin or stop the network
1 Start / Stop Trace
trace.
Select the port on which the network trace should run.
2 Interface to trace
It could be Bridge, LAN or WAN port.
Enter the duration in seconds for running the trace.
3 Duration
Default duration is either 600 seconds or 6 minutes.
Enter the number of packets to capture before turning
Number of
4 off the packet tracer. Default value is 100. Leave
Packets
empty for unlimited value
Enter the size of the file in bytes for storing the
5 Size Limit captured packets. Default value is 128 bytes. If no
value is specified, it means unlimited size.
Enter the packet trace filters. Click on the link below
6 Filters the text box to know further details. Only the packets
that match the filter will be captured.
Once you click on the “Start Trace” button, it will start filtering the network data based on
the filters you mentioned. Status now shown in your page is “Network Trace Started”. Refer
to the screenshot below:
It then shows you the status as “Network Trace in Progress”. Refer to the screenshot below.
Once the Trace is over it will show you the status as “Network Trace completed” and you
can now export the trace to a file for analyzing the data. You can even stop the trace in
between before it stops and export the logs.
Administrator can download this file on their local machine using the export feature.
Click on the Export Network Trace to download the stored file to the local disk. It gets
download in your Downloads folders. Refer to the screenshot below.
Force Authentication
Unibox provides you with the feature of Force Authentication to enable the user to login
without using any Portal page or username/password. He is forcefully authenticated and
user can browse Internet without getting authenticated. This is useful for your support team
who would like to give immediate access to the end users whenever required. It also helps
you to grant access to privileged people in your Hotspot to use internet without any
authentication and accounting.
Login as Admin with valid credentials and navigate to Diagnostic Tools section under Tools
Tab. Click on the “Force Authenticate” tab available in your left pane and see the list of
users to whom DHCP leases have been provided. You can click on the “Authenticate” button
to forcefully authenticate selective users and then they can browse through internet
without any username/password or accounting. Refer to the screenshot below for more
details.
Admin has forcefully authenticated the user with IP 10.10.10.2. See screenshot below for
more details. You can also forcefully logout the user by clicking on the “Logout” button as
seen in the screenshot below.
Caching / Proxy
Unibox provides on board caching and proxy service. Both these services work in tandem
but can be enabled or disabled independently. The proxy service is needed for the content
filtering service to work correctly. If caching service is enabled, Unibox will cache the static
content of the web pages locally and will fetch the dynamic content from the remote server.
This results in significant reduction of bandwidth usage for a busy network.
Administrator needs to define the parameters for the caching process. The cache timeout
decide how long the static content is stored locally before fetching it again from the remote
server. The cache limit decides the amount of storage allotted to the caching function.
Unibox will automatically start offloading old cached web pages once the cache limit is
reached.
Caching / Proxy
You need to enable the Proxy Server before using it. Login as Admin with valid credentials
and navigate to “Caching / Proxy” section under Tools Tab. To enable Proxy Server you need
to check the “Enable Proxy” checkbox as seen in the screenshot below.
Once you enable Proxy Server, you can now enable Caching. Please note if you are planning
to use “Content Filtering”, enabling Caching is mandatory.
You need to check the “Enable Caching” checkbox and configure Cache Timeout and Cache
Limit to enable Caching. Default value for Cache Timeout is 6 Hrs and for Cache Limit is 100
MB. Refer to the screenshot below for more details.
Flush Cache
Sometimes it is necessary to flush the cached content. To clear all the existing cached pages,
click on the flush cache link and confirm the action. All the stored cached content is cleared
immediately.
Please note that most browsers also cache the web pages locally on the client. Clearing
cache in Unibox will NOT clear the cached content in the browser. The user will need to
explicitly remove the cached content in the browser.
Login as Admin with valid credentials and navigate to Caching / Proxy section under Tools
Tab. Click on the “Flush Cache” tab seen in your left pane to flush the cache. Refer to the
Remote SysLogs
Unibox provides an option to send system messages to a remote syslog server for storage
and analysis. This feature is especially important when the administrator wants to monitor
activity on multiple Unibox systems without having to log into each one of them individually.
Similarly, if the Unibox is not remotely accessible, this feature allows the administrator to
track the activities on the network.
Remote System Logs

Login as Admin with valid credentials and navigate to Remote SysLogs sections under Tools
Tab. You will see the List of Remote SysLogs servers configured for your Unibox. Refer to the
New Remote Server

Administrator can specify one or more syslog servers. If multiple servers are specified, the
system message will be broadcasted to all the servers. Please note that you need to setup a
SysLog server and configure it to accept packets from the Unibox.
Login as Admin with valid credentials and navigate to the Remote SysLogs Section under
Tools Tab. Click on “New Remote Server” tab available in your left pane to configure your
new Remote Syslog Server. Refer to the screenshot below for more details. For more
information and significance of each parameter, refer to the table followed by screenshot.
1 Name Yes Name of the remote syslog server
Enter the IP address of the remote

2 Server IP Yes
syslog server.
Select whether the syslog server
3 Protocol Yes accepts UDP or TCP packets. Default
is UDP.
Enter the port number of the syslog
4 Port Number Yes
service. Default is 514.
5 Facility Yes Select the facility of the syslog error
Enter the prefix for the syslog

messages. Unibox will prefix all
messages with this tag. This allows
6 Message Prefix Yes
administrators to easily identify or
sort the messages from multiple
Unibox systems.
Delete Remote Server

If you no longer require any of the configured Syslog servers, you can delete them. Select
the Syslog server you want to delete by clicking on the Syslog server Name displayed in the
Remote Syslog Server List. Click on “Delete Remote Server” tab available in your left pane
and once you confirm the deletion after being prompted, server gets deleted and removed
from the Remote SysLogs server list. Refer to the screenshot below for more details.
User Activity Logs
Unibox provides a feature to allow administrator to track web activity i.e. URL’s visited by
each user connected on the network. Several countries have enacted a law whereby the
network operators are required to track user activity to detect any suspicious activity. The
activity log feature allows administrator to comply with these laws.
All the activity logs are collected and stored in Unibox. Since the size of the logs can become
huge for a business network, the activity logs are recycled every week i.e. administrators will
be able to track activity logs for one week at a time.
Unibox also provides you with the feature which enables you to send the activity logs to a
Remote SysLog server. This is already explained in detail in the Remote Syslog Server section
above.
Note: Proxy service is required for activity logs to work correctly.
List Activity Logs

Login as Admin with valid credentials and navigate to the User Activity Logs section under
Tools Tab. You will see the list of different types of activity logs Unibox is maintaining. We
will discuss each of them in details. Refer to the screenshot below for more details. For
information on different types of logs, refer to the table followed by screenshot.
No Report Description
Activity Logs Show summary of the activity log by users and
1
summary bandwidth consumed
Displays the top sites visited by the users in descending
2 Top sites
order
Provides administrator options to search for activity of
3 Sites & Users a given user or find users who have visited a particular
website
4 Download Hits Show list of files downloaded by the users.
Download Activity
5 Displays the downloaded files by users
Logs
Activity Logs Summary

Activity Log summary provides a summary of the URLs visited over last 7 days period. The
table shows total sites visited, unique sites, unique users and the bandwidth consumed.
Top Sites
To view top sites visited by the users over a given period, click on the top sites option. The
table shows URL’s, number of connections and total amount of bandwidth utilized by that
URL.
Site and Users
The Site and Users option shows the details of URL against each user. The table shows all
the users in the database along with the URL they visited. The URLs are listed under each
username. To view the URLs, click on the + icon.
The URL data is displayed in reverse chronological order, with the latest URLs on the top.
Each row displays the Username, URL accessed, IP address of the user, Mac address of the
User system and the Date accessed.
Unibox also provides you with the search facility, to look for a particular data based on URL
or Username or the date or any combination of them. Refer to Screenshot below where it is
showing you the log for a particular URL secure.unibox.com for today.
Download Hits
Unibox allows you to analyze user downloads. Download hits provide you the data on each
download user is doing along with the details like Username, User’s IP Address, User
System’s MAC Address and the date on which download happened.
Login as Admin with valid credential and navigate to User Activity Logs section under Tools
Tab. Click on “Download Hits” tab available in your left pane and you will see the Download
Hits Details. Refer to the screenshot below for more details.
Unibox also provides you with search facility to look for particular Download Hits data. You
can search the Download Hits using IP address of the user or the download date or both. In
our example, we are looking for Download for a particular user whose machine IP address is
10.10.10.12. Refer to the screenshot below for more details.
Download Activity Logs
Unibox allows you to download and save the user activity logs. Login as Admin with valid
credential and navigate to User Activity Logs section under Tools Tab. Click on the
“Download Activity Logs” tab available in your left pane. Once you confirm the download
when prompted, user activity logs get’s saved on your system. Refer to the screenshot
below for more details.
Event Logs
Event logs display all the activity (events) inside Unibox. These events are primarily used for
debugging issues on the network or configuration problem in Unibox. The logs are displayed
in reverse chronological order. Each row displays date and time, severity of the event,
source, section name and description of the event.
Each event has specific severity level. For higher severity, the row will appear as red so
administrators will be able to easily distinguish critical events from the regular ones.
Administrators can filter the events based on different levels. In addition, s/he can view only
the recent logs or logs for last 24 hours. Please note that the 24 hours logs may take longer
time to load if the network is busy.
Event Logs
The event logs will display all activity inside Unibox, which includes system message
generated by the processes and configuration changes done by the administrator. The
source will indicate whether the event was generated by action of the administrator or at
runtime by the Unibox process. All events are further categorized into sections for easy
identification and classification.
Login as Admin with valid credentials and navigate to Event Logs section under Tools Tab.
Click on “Event Logs” tab available in your left pane. You will see list of Event logs, by default
it will show the Recent Logs. To see complete logs you need to select “Complete Logs” radio
button. Refer to the screenshot below for more details.
Unibox also provides you with the search facility if you are looking for particular logs. You
can filter the logs based on Severity or Source or Section. Refer to the screenshot below for
more details. In our example below we are looking for logs which are with severity set as
Alert.
Save Logs
Unibox allows you to save Events logs for further analysis. Login as Admin with valid
credentials and navigate to Event Logs section under Tools Tab. Click on “Save Logs” tab
available in your left pane. Once you confirm the Save Logs when prompted, logs will be
saved on your system in CSV (Comma separated values) format. Refer to the screenshot
below for more information.
Admin
The administration section in Unibox provides administrative tools to the administrators.
These tools are used to control access, backup and restore configuration, reboot or
shutdown Unibox and configure system wide parameters under the profile section.
Account
Unibox comes with a single administrator account. However it allows the administrator to
create multiple accounts and allot different access rights to each account. The other
administrators will be able to access Unibox using these access credentials and will get
access to the sections configured in the access rights.
List Accounts
To view the list of all accounts in Unibox, login as Admin with valid credentials and navigate
to the Accounts section under Admin Tab. You will see the list of account existing in Unibox
along with their Account Name, UserName, Email and last Login details. Refer to the
New Accounts
To create new administrative account, login as Admin with valid credentials and navigate to
the Accounts section under Admin Tab. Click on “New Account” tab available in our left
pane and configure various parameters as seen in the screenshot below. For more details on
each parameter and its significance, refer to the table followed by screenshot.
Enter the username for the account.
The username should be unique and
1 UserName Yes
should not contains special characters
like !@#$%^&
Enter the password for the username.
The password should be at least 6
2 Password Yes
characters and can contain alpha-
numeric and special characters
3 Re-Type Password Yes Re enter the user’s password
Enter the full name of the account

4 Account Name Yes
holder.
Enter the email account of the
5 Email Yes
account holder.
Show Authentication If checked, the administrator will be
6 No
Users password able to view the end user’s passwords.
Select the access privileges for each
Unibox section.
a. Full Control: user has
full control of the section i.e. create,
delete, edit and view.
b. Edit : User has edit
7 Access Control Yes and view access
c. Readonly: User has
view only access
d. Hidden: The section

is completely hidden from the user
Similarly you can create admin account with mixed privileges based on the role of that
admin account. In our example below we have create a account for Billing Administrator
who has full control on Billing configuration whereas for all the other modules he will have
read only access. Refer to the screenshot below for more details.
For changing the password of an existing user, click on the “Account Name” of the user
displayed in the Account’s list. Click on “Change Password” tab available in your left pane.
Enter new password for the user and re-enter the same password again for confirmation.
Click on submit button to save the changes and the password change gets reflected upon
next login for that user. Refer to the screenshot below for more details.
If you want to delete one of the existing users, select the user by clicking on its Account
name from the Account’s list. Click on the “Delete User” tab available in your left pane and
confirm the user deletion when prompted. Once confirmed the user gets deleted and
removed from the account list. Refer to the screenshot below for more details.
Profile
The admin profile is used to configure the system wide parameters for the Unibox. Login as
Admin with valid credential and navigate to Profile section under Admin Tab. You will see
the list of parameters to set the profile of your Unibox. Refer to screenshot below for more
details. For more information on each parameter and its significance, refer to the table
Enter the name of the company or
1 Organization Name Yes
location where the Unibox is installed
2 Controller Name Yes Enter name of the Controller
2 Address No Enter the address of the location
City, State, Zipcode and
3 No Enter the details of the location
Country
Latitude and longitude coordinates of
4 Latitude/Longitude No
your Hotspot.
Auto-generated customer code is
displayed in this field. This field is non-
5 Customer Code Yes
editable. The customer code is useful for
designing external portal pages.
Auto-generated serial number of Unibox.
The serial number uniquely identifies each
Controller Serial
6 Yes Unibox and is needed when contacting
Number
Wifi-soft support. This field is not
editable.
Auto-generated prepaid password. The
prepaid password is used while
generating prepaid codes. If external
7 Prepaid Password Yes portal page is setup with prepaid codes
then the password needs to be passed to
Unibox during authentication. This field is
not editable.
Auto-generated password for Auto-login
clients. The Auto-login password is
8 Autologin Password Yes
needed while authenticating Auto-login
clients. This field is not editable.
Enter password for users with free access
10 Free Login Password No and who are going to login without
Username and password.
Suffix is the Realm appended to the
username. Realms are primarily used to
9 Suffix Yes
support roaming providers like Boingo,
iPass.
Enter the currency used by the billing
10 Currency Yes module. All billing reports will use the
currency defined in this field.
Select the date and time format to use in
Unibox. If you change the format, you
11 Date Format Yes
need to relogin for the changes to take
effect.
Select the language for Unibox. Default is
12 Language Yes
English.
If checked, Unibox will support approval
of user account. In case of approval, each
user registration is sent to the
13 Allow approvals No administrator for approval. Only after the
administrator approves the account, the
end user is able to login and access the
Internet.
Enter ID Google O Auth. This is available

16 Google O Auth ID No when you register with Google for using
Google Maps.
Enter secret key of Google O Auth. This is

Google O Auth Secret
17 No available when you register with Google
Key
for using Google Maps.
Enter the Google map key. This key is

obtained from Google when you register
the domain or IP address for displaying
18 Google Map Key No
Google maps. The key is required for
displaying the network monitoring status
on a map.
Configuration
Administrator can take Backups of an existing Unibox configuration using this section. The
backup is helpful to restore the Unibox to previous working state, especially if the recent
changes result in configuration errors and administrator is not able to reverse the changes.
List Configuration
The configuration is listed under List Configuration section. Administrator can create
multiple profiles of the configuration and store them as backup. Login as Admin with valid
credentials and navigate to Configurations section under Admin Tab. List of all existing
configuration will displayed with their Profile Names and brief Description. Refer to the
Create Configuration
For creating a backup of existing configuration, Login as Admin with valid credentials and
navigate to Configurations section under Admin Tab. Click on “Create Configuration” tab
available in your left pane. You need to enter valid Profile Name and Description for the
backup to be taken. Once you click on the “Submit” button, configuration gets saved on
your Unibox.
To make use of an existing configuration i.e. restore the configuration or download it, click
on the configuration. Administrator will get options to restore the configuration, delete it or
download it.
Once you have created configuration, you can download this configuration to your System
and keep it safe for restore if required. To download and store the configuration on your
system, login as Admin with valid credentials and navigate to the Configurations section
under Admin Tab. Click on the “Download configuration” tab available in your left pane and
confirm the download when prompted. Once confirmed the configuration file gets stored
on your System in XML format. Administrator can store the downloaded XML file on another
computer. Refer to the screenshot below for more information.
Administrator can restore any configuration from an existing profile. All the existing changes
will be lost when the configuration is restored. Unibox will restart after restoring the
configuration. Login as Admin with valid credentials and navigate to Configurations section
under Admin Tab. Select the configuration to restore by clicking on Profile Name of the
Configuration from the list displayed. Click on “Restore Configuration” tab available in your
left pane and once you confirmed the configuration restore when prompted, restore takes
place. Refer to the screenshot below for more details.
You can delete the configuration which are no longer needed and are old. Login as Admin
with valid credentials and navigate to Configurations section under Admin Tab. Select the
configuration to be deleted by clicking on Profile Name of the Configuration from the list
displayed. Click on “Delete Configuration” tab available in your left pane and once you
confirmed the configuration deletion when prompted, it gets deleted and removed from the
configuration list. Refer to the screenshot below for more details.
Upload Configuration
Administrator can upload an existing configuration from an XML file into Unibox. The
uploaded configuration can be restored or stored in Unibox. You need to login as Admin
with valid credentials and navigate to Configuration section under Admin Tab. Click on
“Upload Configuration” tab available in your left pane and enter the details of the
configuration to be uploaded. Refer to the screenshot below for more details.
Time
Unibox allows administrator to change the Time Zone and date in Unibox. The date and time
can be set using either NTP server or by manually configuring the date and time in the Time
Zone section.
Time Zone
To configure the Time Zone for Unibox, Login as Admin with valid credentials and navigate
to Time section under Admin Tab. Click on the Time Zone tab available in your left pane.
Select the appropriate Time Zone from the drop-down section. Click on the submit button to
save the selected Time Zone. Refer to the screenshot below for more details. However it is
recommended that once the Unibox is set, configured and running, one should not change
the Time Zone unless it is a hard requirement. Changing Time Zone can affect Data in your
Unibox which is time sensitive.
Date and Time
To change the system date and time, Login as Admin with valid credentials and navigate to
Time section under Admin Tab. Click on the Date and Time tab available in your left pane.
Change the date and time using the drop-down options shown below. Click on “Submit”
button to save changes. You also click on “Refresh Date and Time” button to get the current
date and time. Refer to the screenshot below for more details. However it is recommended
that once the Unibox is set, configured and running, one should not change Date and Time
unless it is a hard requirement. Changing Date and Time can affect Data in your Unibox
which is time sensitive.
NTP Server
Administrator can also sync Unibox to a remote NTP server to update its time to global
standard Time. Various public NTP services are available around the world. Administrator
can configure one of the NTP servers as shown below. Unibox will sync with the NTP server
every time it reboots. Login as Admin with valid credentials and navigate to Time section
under Admin Tab. Click on the “NTP Server” tab available in your left pane. Enter valid NTP
server and click on Submit button to save changes. Refer to the screenshot below for more
information.
Reset
Sometime administrator needs to change all the settings to factory defaults. This is usually
done to start configuration from scratch or if the administrator is unable to recollect the
settings. Unibox offers two options to reset to factory defaults –
Hardware reset – This reset is done using a hardware switch or button depending on the
Unibox model. For models that provide a reset button, the administrator needs to press the
reset button for 30 seconds to trigger a hardware reset.
Software reset – Software reset is done using the Reset option under Admin Tab. All the
settings will change to factory defaults on reset. Unibox will reboot after reset is complete.
Refer to the screenshot below.
Login as Admin with valid credentials and navigate to RESET section under Admin Tab. Click
on the “Reset” tab available in your left pane and you now reset your Unibox once you
confirm the reset action when prompted. Refer to the screenshot below.
Reboot
Since Unibox runs a Linux kernel, care should be taken to not power down the unit directly
using the power button to avoid loss of data. If the administrator needs to reboot Unibox,
s/he can use the Reboot option available under the Admin Tab.
This will trigger a graceful shutdown of the Unibox in which all the processes will be stopped
and the unit will boot correctly.
Login as Admin with valid credentials and navigate to RESET section under Admin Tab. Click
on the “Reboot” tab available in your left pane and you now reboot your Unibox once you
confirm the reboot action when prompted. Refer to the screenshot below.
Please note that all the users will get disconnected when the Unibox is rebooted.
Power Off
To shutdown Unibox completely, login as Admin with valid credentials and navigate to
Power Off” section under Admin Tab. Click on the “Power Off” tab available in your left pane
and you can now Power Off your Unibox once you confirm the action when prompted. Refer
to the screenshot below.
This will trigger graceful shutdown of all processes and will switch off the unit.
Administrators can remove the power cable once the shutdown process is complete. Refer
to screenshot below. To start the unit again, apply the power supply and press the power
button, if applicable.
Access Log
In addition to the event logs, Unibox also maintains history of all changes and access by
administrator accounts.
To view the history of access, login as Admin with valid credentials and navigate to Access
Log section under Admin Tab. Click on the “Access Log” tab available in your left pane and
you see the list of Access logs. Each row displays the Account Name, Login Time, Logout
Time and Remote IP address from where administrator had logged in. Refer to the
Access Log
Unibox also provide you with the search facility to get the specific logs using a particular
account name or Login date or both. Refer to the screenshot below for more details. In this
example we are looking for logs for user “BillAdministrator” on date 25 th April 2013.
Change Log
Similarly, UniBox maintains the change log for each administrator accounts. This helps in
knowing the exact details of changes done to UniBox configuration. Each row displays the
name of the account making the changes, type of change, short description and date and
time when the change was done.
You need to login as Admin with valid credentials and navigate to Access Log section under
Admin Tab. Click on “Change Log” tab available in your left pane and you get the change
logs as seen in the screenshot below.
Unibox provides you with the search facility to look for specific change log based on
Changed date or Account name or Action. You can also use more than one parameter to get
the desired change logs. Refer to the screenshot below for more details. In our example
below we are looking for change log on a particular date 25 April 2013.
In an another example you can also look for change log done by Account Name admin-
account on date 25th Apr 2013 as seen in the screenshot below.
Similarly you can also use Action parameter along with Date change and Account Name to
look for Change logs.
Troubleshooting
UniBox offers different tools to trouble shoot the network. In addition, administrator can
also look at the event logs to monitor all the activity within the system. The activity log can
be streamed to remote syslog server to keep archive of all the activity on the system.
Tools like ping and traceroute are used to check the WAN connectivity. The ISP bandwidth
graph is a good indication of the Internet bandwidth available to the users over a 24 hour
period. This graph helps the administrator to identify the source of speed issues.
The system graphs and usage summary graphs give a good indication of the load on the
network and historical load on a 24 hour period.
The monitoring tool is used by administrators to track the connectivity to the access points
on the network.
Appendix
External Login Page
This section explains how to design UniBox compliant external login page. UniBox provides
an option under the portal section to specify an external URL for the login page. This page
can be hosted on any web server as long as the domain of the web server is added in the
passthrough URL list. This allows UniBox to load the external login page for the
unauthenticated users.
The external login page can be designed using any programming language like JSP, ASP, PHP,
Python, etc or using simple HTML. The programmer just needs to add the following form for
the login process to work correctly –
<form method='post' action='http://secure.unibox.com/process/login' >

<table border="0">
<tr><td><b>Username</b></td>
<td><input type='text' name='username' id='username'/></td></tr>
<tr><td><b>Password</b></td>
<td> <input type='password' name='password' id='password' /></td></tr>
<tr><td></td>
<td><input align="center" name="submit" value="Login"
type="submit"/></td></tr>
</table>
</form>
External Registration Page
UniBox also allows administrators to create an external registration page for new users. This
page can be linked to the external login page to provide automated provisioning for the end
users. The registration page works with the billing module to charge the customer based on
the payment gateway. Different payment gateways required different registration
processes. This section explains the registration process in more detail.
<form action="http://secure.unibox.com/api/create_user" method="post">

<input type="hidden" name="req_action" value="create"/>
<input type="hidden" name="req_customercode" value="123456"/>
<input type="hidden" name="req_approvalneeded" value="0"/>
<input type="hidden" name="req_successurl" value="http://yourserverurl/successpage"/>
<input type="hidden" name="req_failurl" value="http://yourserverurl/thispage"/>
<input type="hidden" name="req_billdatarequired" value='1'/>
<tr><td>Username *</td>
<td><input type='text' name='req_username' id='username' /></td></tr>
<tr><td>Password *</td>
<td><input type='password' name='req_password' id='password' /></td></tr>
<tr><td>Re-Password *</td>
<td><input type='password' name='req_repassword' id='repassword' /></td></tr>
<tr><td>Full Name *</td>

<td><input type='text' name='req_fullname' id='fullname' /></td></tr>
<tr><td>Address *</td>
<td><input type='text' name='req_address' id='address' /></td></tr>
<tr><td>City *</td>
<td><input type='text' name='req_city' id='city' /></td></tr>
<tr><td>State *</td>
<td><input type='text' name='req_state' id='state' /></td></tr>
<tr><td>Country *</td>
<td><input type='text' name='req_country' id='country' /></td></tr>
<tr><td>Email *</td>
<td><input type='text' name='req_email' id='email' /></td></tr>
<tr><td>Phone Number *</td>

<td><input type='text' name='req_homephone' id='homephone' /></td></tr>
Setting up Remote Syslog Server
Configuring Unibox for Wifilan
URL Logging
VSA - Vendor Specific (RADIUS) Attributes
This section describes all the RADIUS attributes supported by UniBox. These attributes are
primarily useful when UniBox is configured to work with an external RADIUS server. Please
refer to RFC 2865 for more information
http://www.ietf.org/rfc/rfc2865.txt
The table below explains the RADIUS attributes supported by UniBox controller –
Attribute Name Access Request Access Accept

User-Name X
User-Password X
NAS-IP-Address X
NAS-Identifier X
NAS-Port X
NAS-Port-Id X
NAS-Port-Type X
Calling-Station-Id X
Framed-IP-Address X
Framed-MTU
Connect-Info
Acct-Session-Id
Service-Type X
Session-Timeout X
Idle-Timeout X
Reply-Message X
The RADIUS attributes for Accounting packets are as follows –
Attribute Name Accounting Start Accounting Stop

Acct-Status-Type X X
Acct-Input-Octets X
Acct-Output-Octets X
Acct-Session-Id X X
Acct-Session-Time X
Acct-Input-Packets X
Acct-Output-Packets X
Acct-Terminate-Cause X
Acct-Input-Gigawords X
Acct-Output-Gigawords X
Event-Timestamp X X
User-Name X X
Framed-IP-Address X X
NAS-Port-Id X X
NAS-Port-Type X X
NAS-Identifier X X
Calling-Station-Id X X
Called-Station-Id X X
NAS-IP-Address X X
NAS-Port X X

Unibox Userguide 1.8

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Unibox Userguide 1.8

Uploaded by

Copyright:

Available Formats

Unibox User Guide

Applicable Products The only warranties for Wifi-soft products

Unibox Overview ..................................................................................................................................... 9

UniBox is primarily deployed as a hotspot gateway to manage public Wi-Fi hotspots or

3. BYOD Registration and Authorization

Many businesses, especially for non-manufacturing workforce, are witnessing an explosive

4. User Authentication and Tracking

8. Traffic Management & QoS

9. Reporting and Analytics

4. User Provisioning and Management

User accounts created are generally associated to a particular groups, policies or

6. SMS Based Login

How does it work?

UniBox also implements Reverse-SMS authentication process in which the hotspot

7. Social Media Integration

8. Activity Logging (URL Tracking)

9. Network Monitoring and Alerts

10. SMS Advertisement

How does SMS advertisement work?

11. VLAN Description

Unibox works in Layer 2 mode by acting as a promiscuous gateway, wherein a single

UDS1: Unibox Deployment Scenarios 1 – Simple Deployment

UniBox provides a redirect function whereby the network user is redirected to a

BYOD (Bring Your Own Device)

Bandwidth management is increasingly an important function for public access

If administrator configures UniBox to use on-board RADIUS server for user

The software architecture for UniBox is as shown –

The diagram below shows the rear view of UniBox.

Services – Displays all the services running inside UniBox

Wireless Port (Selected Models Only)

Sr. Parameter Description

An SSID is the name of a wireless local area network

Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically

Simple Network Management Protocol (SNMP) is an application–layer protocol for

Authentication section allows administrator to define authentication profile, manage

1. No authentication mode - Authentication is disabled

Primary Authentication Enter the IP address of the primary AAA server

Secondary Authentication Enter the IP address of the secondary or backup AAA

Confirm the shared secret

Enter the authentication port for the server (default:

Enter the accounting port for the server (default: 1813)

Enter the NAS Identifier for Unibox. Default is the serial

List BYOD Devices

No Parameter Required Description

User Session Restrictions Parameters:

No Parameter Required Description

Expire / Suspend User

Un-Expire / Unsuspend User

If checked, UniBox will automatically capture

1. Default predefined portal page

No Parameter Required Description

An unmanaged, public network is susceptible to unrestricted bandwidth usage. A single user

No Policy Name Description

Date & Time Policy

No Parameter Required Description

Note: This policy will only work if local authentication is selected.

No Parameter Required Description

Load Balancing Policy

No Parameter Required Description

No Parameter Required Description

No Parameter Required Description

Content Filtering (Selected Models)

Traffic Analysis (Selected Models)